Overprivileged agents
One process often receives broad access to files, shell commands, APIs and secrets just to complete a narrow task.
EXCESSIVE PERMISSIONSMonkeyShield sits between an AI agent and your operating system, controlling what it can read, write, execute and access.
The model is not the only attack surface. Every permission behind it multiplies the damage a bad instruction can cause.
One process often receives broad access to files, shell commands, APIs and secrets just to complete a narrow task.
EXCESSIVE PERMISSIONSA malicious document or webpage can influence the agent. Without enforcement, text can become a system-level operation.
UNTRUSTED INPUTWhen actions are scattered across tools and logs, it becomes difficult to answer who requested what, why and with which result.
LOW OBSERVABILITYNothing passes unless an explicit policy allows it.
Risky operations pause before execution and ask the operator.
Every request, decision and policy version leaves a trace.
Control paths, commands, hosts, methods, identities and runtime context.
request: file.write
resource: /etc/ssh/sshd_config
identity: local-agent-01
matched_rule: none
result: BLOCKED
request: shell.execute
command: apt install tcpdump
risk_score: 72 / 100
mode: HUMAN_APPROVAL
timeout: 120s
event_id: ms_01JZP8V7
policy_hash: 6c0d…a918
previous_hash: 3ee4…0b11
integrity: VERIFIED
allow: file.read
paths:
- /workspace/src/**
except:
- **/.env
- **/secrets/**
result: ALLOWED
Each tool request is intercepted, enriched with context, evaluated against policy and only then executed—or stopped.
Click a technical term to see a plain-language explanation.
Security policies should be reviewable, versioned and easy to explain—not buried in opaque model behavior.
version: "1"
default: deny
identities:
local-agent-01:
allow:
- action: file.read
paths:
- "/workspace/**"
except:
- "**/.env"
- "**/secrets/**"
- action: shell.execute
commands:
- "git status"
- "pytest *"
approval_required: true
Attack thinking finds the paths. Defensive engineering closes them. Safe operations keep the system useful. MonkeyShield combines all three.
MonkeyShield is being built in public by MonkeyPivot as the first project in the MonkeyAI Security Tools ecosystem.