@ThirdKeyAI

ThirdKey.AI

AI Safety and Security Solutions

Secure AI Infrastructure for the Autonomous Future

ThirdKey builds the trust layer for autonomous AI agents — policy enforcement, cryptographic identity, tool governance, and network visibility.


Featured Projects

Symbiont — Policy-Governed Agent Runtime

AI agents are easy to demo and hard to trust. Symbiont is the Rust-native execution layer that separates agent intent from execution authority.

  • Cedar-based fine-grained policy authorization
  • Typestate-enforced ORGA reasoning loop (Observe → Reason → Gate → Act)
  • MCP tool integration with SchemaPin cryptographic verification
  • Docker sandboxing with resource limits and approval gates
  • Tamper-evident cryptographic audit trails
  • Secrets management via Vault/OpenBao, persistent memory, and RAG

👉 symbiont.dev | Source

ToolClad — Declarative Tool Interface Contracts

Stop writing repetitive custom code for every tool. ToolClad defines typed, validated, policy-aware tool contracts in .clad.toml manifests.

  • Three execution modes: oneshot (CLI), session (interactive PTY with Cedar gating), browser (governed headless via CDP/Playwright)
  • Shell injection prevention, direct execve dispatch, process group isolation
  • 14 built-in type validators, conditional evaluation, evidence envelope generation
  • Reference implementations in Rust, Python, JavaScript, and Go

AgentSniff — AI Agent Network Scanner

Detect AI agents operating on your network through passive monitoring, active probing, protocol detection, and behavioral analysis.

  • Seven detection techniques: passive DNS analysis (40+ LLM API domains), TCP port scanning, AgentPin identity discovery, MCP server probing, HTTP endpoint signatures, JA3 TLS fingerprinting, behavioral traffic patterns
  • Deploy standalone, via Docker, or Docker Compose with web dashboard
  • Continuous scanning, webhook/SMTP alerting, SQLite history

Trust Stack

Project | Description
🔐 SchemaPin | Cryptographic protocol for signing AI tool schemas and policies
🪪 AgentPin | Domain-anchored cryptographic identity for AI agents

Research & Tools

Project | Description
🕶️ AgentNull | Reference implementation of a restricted LLM agent for security testing
📦 VectorSmuggle | Covert data exfiltration via vector embeddings (research prototype)

ThirdKey.ai — Infrastructure for AI you can trust.

Pinned

  1. Symbiont (Public)

    Rust-native runtime for executing AI agents and tools under explicit policy, identity, and audit controls.

    Rust 39 7

  2. SchemaPin (Public)

    The SchemaPin protocol for cryptographically signing and verifying AI agent tool schemas to prevent supply-chain attacks.

    Python 13 6

  3. ToolClad (Public)

    ToolClad is a manifest format (.clad.toml) that defines the complete behavioral contract for a tool: typed parameters, validation rules, invocation mechanism, output parsing, and policy metadata.

    Rust 1

  4. AgentPin (Public)

    AgentPin agent pinning protocol, part of the Symbiont Agent Trust Stack

    Rust 2

  5. symbiont-sdk-python (Public)

    Python SDK for Symbiont DSL and agent framework.

    Python 3

  6. symbiont-sdk-js (Public)

    JavaScript SDK for Symbiont

    TypeScript 2
