An open-source CLI security scanner (112 HN pts) that analyzes Python AI agent code from LangChain, CrewAI, and AutoGen for vulnerabilities: prompt injection paths, over-permissioned tool sets, and missing guardrails.

What is Burrow for AI agents?

A runtime security layer (89 HN pts) that sits between an AI agent and the host system, intercepting tool calls before execution and enforcing policies written in plain English.

How do teams monitor AI agents running in production?

No settled standard as of mid-2026. Common approaches: OpenTelemetry traces from agent SDKs, local JSONL log parsing, MCP audit servers (Vigilo), and dedicated observability platforms like AgentShield.

What damage can an unmonitored AI agent cause?

Documented incidents include deleting files outside project scope, making API calls that incur unexpected charges, and committing code with injected malicious packages from hallucinated dependencies.

What is the difference between Agent Audit and Burrow?

Agent Audit is a static code scanner (pre-deployment) that finds security holes in agent definitions. Burrow is a runtime interceptor (post-deployment) that blocks unsafe tool calls as they execute.

← Back to dashboard

clawsmith.com/signal/ai-agent-observability-production-security-cli

⚠ IssueWide OpenLive

AI Agents Running in Production With No Runtime Visibility — Security and Observability Tools Emerging

Agent Audit (112 HN pts) scans LangChain/CrewAI/AutoGen code for security holes. Burrow (89 HN pts) intercepts tool calls at runtime with policy enforcement in plain English. Ask HN 'how are you monitoring agents in production' has no settled answers. Agents are doing real damage undetected — deleting files, making unintended API calls, installing hallucinated packages.