Sandboxed plugin VM with typed capabilities, deterministic replay, and time-travel debugging — written in Rust.
Updated May 15, 2026 - Rust
Native Rust runtime for adversarial extension workloads with deterministic replay, cryptographic decision receipts, and fleet-scale containment.
A scripting language for cowboy coders
Electron runtime layer providing protocol-based separation, component assembly, and capability-based process control.
Plan-bound authorization architecture for governing privileged effects in untrusted computational agents.
KAIROS-ARK is a high-performance, Rust-based Agent Runtime Kernel built for industrial-grade reliability. It delivers sub-100µs dispatch latency, event-sourced deterministic replay, and kernel-enforced capability sandboxing, bridging Python prototypes and production AI systems.
A default-deny capability floor the model can't talk past, plus an addressable KV cache — in one Go binary.
A capability-native research kernel for explicit authority, isolated execution, temporal state, and verifiable system boundaries. It is particularly efficient with WebAssembly.
my tinkering notebook (blog)
The Estate's primary MCP server — GitHub, GitLab, and 115+ capability cartridges. Formally verified BoJ-server-ABI in Idris2 0.8.0 (%default total) with safety lemmas for credential isolation.
A capability-centric programming language. Hand-written compiler in Python.
Cryptographic trust mediation layer for AI agent frameworks. Apache 2.0 reference architecture composing device-attested admission, short-TTL scoped capabilities, runtime continuity envelopes, context provenance anchoring, agent intent binding, FHE context gate, MCP boundary mediation, signed policy bundles, and tamper-evident audit chain.
Security-first programming language for building high-assurance services, secure communications, privacy-aware networking tools, policy-enforced runtimes, secret-safe data pipelines, and auditable least-authority systems.
Capability-security kernel for autonomous agents — seccomp/SELinux for agentic AI. Formal, auditable, language-agnostic, cryptographically verifiable.
JavaScript on Genode using the Moddable XS engine
Runtime seccomp-style per-call capability sandbox for installable agent skills — declare what each skill may touch, enforce it at the call site, trap+log violations.
The Kernel of CharlotteOS, An Experimental Modern Operating System
The agent-run work-unit CLI: capability-scoped agents whose every privileged effect is verified against its signed owner, driving a work unit through one signed pipeline to a merged PR.
Bounded shell and CLI execution for AI agents: structured contracts, policy-gated execution, hardened Linux runtime enforcement, and signed receipts.