Skip to content

feat: Add Agent OS safety governance example #300

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
imran-siddique wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: Add Agent OS safety governance example #300

imran-siddique wants to merge 1 commit into from
+475 −0

Conversation

@imran-siddique
Copy link

@imran-siddique imran-siddique commented Jan 31, 2026

What this PR adds

A new example demonstrating kernel-level safety governance for CrewAI agents using Agent OS.

Why it matters

CrewAI agents can hallucinate dangerous operations like \
m -rf\, \\sudo\, and \\chmod 777\. Prompt engineering alone cannot reliably prevent these. Agent OS provides a kernel-level safety layer.

What the demo shows

  1. Cleanup Bot tries to delete files -> BLOCKED
  2. Data Analyst reads CSV files -> ALLOWED
  3. Deploy Bot tries sudo -> BLOCKED

How to run

\\�ash
cd agent_os_safety
python main.py
\\

No dependencies required - standalone demo.

Related

@imran-siddique
feat: Add Agent OS safety governance example
44b883c 
This example demonstrates kernel-level safety for CrewAI agents:
- Blocks dangerous file operations (rm -rf, shutil.rmtree)
- Blocks privilege escalation (sudo, chmod 777)
- Allows safe operations (file reads, analysis)
- Full audit logging

No dependencies required - standalone demo.

Learn more: https://github.com/imran-siddique/agent-os
@imran-siddique imran-siddique mentioned this pull request Jan 31, 2026
Open
@imran-siddique
Copy link
Author

imran-siddique commented Feb 3, 2026

Hi team! 👋 Just checking in on this PR.

I'd love to get feedback on the approach here. The example demonstrates how Agent OS can add a safety layer to CrewAI agents by blocking dangerous shell commands (rm -rf, sudo, etc.) at the kernel level rather than relying on prompt engineering.

Happy to make any changes if needed. Let me know if you'd like me to:

  • Add more documentation
  • Include additional test cases
  • Modify the example structure

Thanks for maintaining such a great examples repo!

@imran-siddique
Copy link
Author

imran-siddique commented Feb 11, 2026

Friendly ping -- Agent OS was just merged into microsoft/agent-lightning (14k stars): microsoft/agent-lightning#478 -- Would love to get this example merged too!

@imran-siddique
Copy link
Author

imran-siddique commented Feb 11, 2026

Update: Our AgentMesh trust layer was just merged into LlamaIndex (47k stars): run-llama/llama_index#20644. This is our second major integration merge this week after Microsoft's agent-lightning (14k stars). Would love to get this PR reviewed as well!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@imran-siddique