Show HN: Bulwark – a kernel read gate so coding agents can't read .env or .ssh
Category: security
Tags: security, kernel, ai-agents
Score: 7.5/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 7)
Bulwark is an OS-level read gate that prevents AI coding agents from reading sensitive files such as .env or .ssh. It intercepts open() syscalls at the kernel level using fanotify (Linux) or Endpoint Security (macOS). What makes it interesting is that the boundary is structural and keyed on inode identity rather than on path strings or prompts, so it cannot be talked around by persuading the agent and is not defeated by symlink tricks.
Target audience: backend devs, devops, security engineers
Repository: https://github.com/obstalabs/bulwark · Rust · AGPL-3.0