What Is Your AI Agent Doing When You’re Not Watching?

Fresh out of GitHub this week: a lean open-source tool that locks your AI agent to a defined permission scope before it ever touches your system.

Developer Jan Kowalewski dropped agent-scope, a simple utility that wraps AI agents in a permissions and ACL layer. You define what the agent can access. Everything else is blocked at the OS level, not just in the prompt.

Here’s the twist: most people try to solve agent safety through prompting, telling the agent ‘don’t touch X.’ agent-scope does not rely on that at all. It enforces the access boundary at the system level, so the agent cannot read or write outside its defined scope no matter what the prompt says and no matter whether the model actually follows its instructions.

How to use it:

  1. 🔍 Clone the repo: github.com/kowalewskijan/agent-scope
  2. 🗂️ Define your ACL: which files, directories, or resources the agent is allowed to touch
  3. 🔒 Wrap your agent execution inside agent-scope’s permission layer
  4. 🚀 Run the agent; it operates only within the sandbox you set
  5. ✅ Check the access logs to see exactly what it attempted; a denied attempt showing up there is the boundary doing its job

Pro tip: Start with the minimum access the agent needs to do the job, and expand only when a denied attempt in the log shows it genuinely needs more. Security people call this least privilege. Now you can actually enforce it on AI agents instead of just hoping the prompt holds.
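To make the difference between a prompt-level rule and an enforced boundary concrete, here is an added example in Python. It is not agent-scope’s code and does not use its API (the repo’s interface is not described on this page); the ScopedFS class, the naive_guard function, and the constructed workspace (a project/ directory, a secrets/ directory beside it, and a symlink from one to the other) are illustrative assumptions. It shows three ways an agent can spell a path that lands outside its scope (a .. segment, a symlink, an absolute path), how a string-matching rule of the ‘don’t touch secrets’ kind handles them, and how a check that resolves the real target and logs every attempt handles them.

```python
import os
import tempfile
from pathlib import Path


class ScopedFS:
    """Hypothetical permission layer (illustration, not agent-scope's own code).

    Every path is canonicalised with os.path.realpath before it is checked, so
    '..' segments and symlinks are judged by where they really land, not by how
    the agent spelled the path. Every attempt, allowed or denied, is logged.
    """

    def __init__(self, read_roots, write_roots):
        self.read_roots = [Path(os.path.realpath(r)) for r in read_roots]
        self.write_roots = [Path(os.path.realpath(r)) for r in write_roots]
        self.log = []  # (op, requested path, resolved path, verdict)

    @staticmethod
    def _inside(real, roots):
        return any(real == root or root in real.parents for root in roots)

    def _check(self, op, path, roots):
        real = Path(os.path.realpath(path))
        verdict = "ALLOW" if self._inside(real, roots) else "DENY"
        self.log.append((op, str(path), str(real), verdict))
        if verdict == "DENY":
            raise PermissionError(f"{op} outside scope: {path} -> {real}")
        return real

    def read(self, path):
        return self._check("read", path, self.read_roots).read_text()

    def write(self, path, data):
        self._check("write", path, self.write_roots).write_text(data)


def naive_guard(path, forbidden="secrets"):
    """What a prompt instruction ('never touch the secrets directory') amounts
    to once the agent is tested against it: a look at the string the agent
    used, not at the real target. Returns True when the access is let through."""
    return forbidden not in str(path)


def demo():
    """Build a constructed workspace and run escape attempts through both checks."""
    base = Path(tempfile.mkdtemp())          # constructed sample workspace
    project = base / "project"               # the agent's allowed scope
    secrets = base / "secrets"               # outside the scope
    project.mkdir()
    secrets.mkdir()
    (project / "notes.txt").write_text("ok to read\n")
    (secrets / "api_key").write_text("hunter2\n")
    # A symlink inside the allowed directory that points outside it.
    (project / "link").symlink_to(secrets, target_is_directory=True)

    fs = ScopedFS(read_roots=[project], write_roots=[project])
    results = {}

    # In-scope read and write succeed.
    results["read_in_scope"] = fs.read(project / "notes.txt")
    fs.write(project / "out.txt", "written by agent\n")
    results["write_in_scope"] = (project / "out.txt").read_text()

    # Three spellings of a path that all land on secrets/api_key.
    attempts = {
        "dotdot": project / ".." / "secrets" / "api_key",
        "symlink": project / "link" / "api_key",
        "absolute": secrets / "api_key",
    }
    for name, p in attempts.items():
        results[f"naive_{name}"] = naive_guard(p)  # True = guard let it through
        try:
            fs.read(p)
            results[f"scoped_{name}"] = "ALLOW"
        except PermissionError:
            results[f"scoped_{name}"] = "DENY"

    results["denied_attempts"] = [e for e in fs.log if e[3] == "DENY"]
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The string-based rule blocks the two spellings that literally contain ‘secrets’ and lets the symlink through; the resolving check denies all three and leaves a record of each attempt, which is the equivalent of step 5 above. This in-process version only shows the policy logic: a real OS-level layer applies the same decision to the agent’s process itself, so the agent cannot sidestep the wrapper by opening files directly.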

One commenter asked the obvious question: ‘What do you think the agent is doing in my system when I’m not watching?’ 🤔 Exactly the right question to be asking.

If you’re running autonomous agents with any kind of file or system access, this is worth 10 minutes of your time. 🛠️

Simple secure tool based on permissions and ACLs
by u/xxixxxvii in PromptEngineering
