Skip to main content
AIDiveForge AIDiveForge
Visit RiskKernel

Get This Tool

License: Apache-2.0 Any use incl. commercial
Local-run terms: Self-host the Go binary or install via pip, Docker, or go install on own infrastructure with own provider keys; full source available under Apache 2.0.
Official Website

Share This Tool

Compare This Tool
📋 Embed this tool on your site

Copy this code to embed a compact tool card:

RiskKernel

FreeOpen SourceAPISelf-Hosted

Pricing

Model
Free

Summary

The invoice arrives before the alert does — an unattended agent loops through bad reasoning for an hour, and the first signal you get is a billing notification. RiskKernel is a self-hosted enforcement layer that puts hard dollar, iteration, and wall-clock ceilings around agent runs before that bill exists.

Deployed as a single Go binary, it sits in front of your existing OpenAI, Anthropic, or LangChain stack via a one-variable proxy — no rewrite required. Every call is metered and checkpointed, so a killed or crashed run resumes from the last saved state instead of re-spending from zero. The human-approval gate routes irreversible tool calls for sign-off over CLI, web, or webhook before they fire, and the LLM cannot bypass it because the gate lives in compiled code, not a prompt. The hosted dashboard is private beta only; teams that need a UI today are self-managing.

Bottom line: The right fit for a team running unattended agents on their own infra who need hard spend controls and audit trails — less suited if you need a managed cloud dashboard on day one, which is not yet available outside the waitlist.

Community Performance Report Card

No community ratings yet. Be the first to rate this tool!

Best For: Production AI agent deployments needing spend controls, Teams using LangChain, Claude Agent SDK, or OpenAI Agents SDK, Self-hosted environments requiring auditability and no external telemetry

Community Benchmarks Community

No community benchmarks yet. Be the first to share a real-world data point.

Guardrails & Safety Inference Engines & Infra

Pros

  • Hard per-run dollar and token ceilings enforced in compiled code, which means the kill switch fires before the overspend registers rather than after the invoice cycle closes.
  • Crash-resumable checkpointing, so a process killed mid-run restarts from the last saved state instead of replaying every prior API call and paying for them again.
  • Human-approval gate for side-effecting tool calls that the LLM cannot route around, so irreversible actions — deleting records, sending messages, writing to external systems — wait for a human decision before executing.
  • One-variable proxy adoption with no code rewrite required, so existing agents running against OpenAI or Anthropic get metering and enforcement without refactoring the application.
  • Self-hosted Apache 2.0 binary with BYO provider keys and no telemetry, so teams in regulated or air-gapped environments get full auditability without exporting run data to a third-party service.

Cons

  • The hosted dashboard is private beta only, so teams that need a web UI to monitor, review, or manage runs across agents have no production-ready option yet — they operate through CLI or build their own view against the OpenTelemetry export.
  • SDK adapters are scoped to LangChain, the Claude Agent SDK, and the OpenAI Agents SDK; teams running CrewAI, AutoGen, or any other framework hit the proxy layer only and lose loop-count and tool-level controls until they write their own adapter.
  • The project is maintained by a single developer with no enterprise support tier listed; teams whose compliance posture requires a support contract or SLA will find nothing on offer and will move to a vendor-backed observability or guardrails product instead.

Community Reviews

No reviews yet. Be the first to share your experience.

About

Platforms
Linux, macOS, Windows (Go binary)
API Available
Yes
Self-Hosted
Yes
Last Updated
2026-06-12T14:43:25.167Z

Best For

Who it's for

  • Production AI agent deployments needing spend controls
  • Teams using LangChain, Claude Agent SDK, or OpenAI Agents SDK
  • Self-hosted environments requiring auditability and no external telemetry

What it does well

  • Preventing runaway token spend in unattended agent runs
  • Enforcing iteration and wall-clock limits on agent loops
  • Adding human approval gates before irreversible tool calls
  • Resuming crashed long-running agent executions from checkpoints

Integrations

OpenAIAnthropicLangChainClaude Agent SDKOpenAI Agents SDKOpenTelemetry

Discussion Community

No discussion yet. Sign in to start the conversation.

Compare RiskKernel

Spotted incorrect or missing data? Join our community of contributors.

Sign Up to Contribute

Community Notes & Tips Community

Be the first to contribute. General notes, observations, gotchas, and tips from people who use this tool day-to-day.

Frequently Asked Questions

Is RiskKernel free?
Yes — RiskKernel is fully free to use. There is no paid tier.
Is RiskKernel open source?
Yes. RiskKernel is open source.
Does RiskKernel have an API?
Yes. RiskKernel exposes a developer API. See the official documentation at https://riskkernel.com for details.
Can I self-host RiskKernel?
Yes. RiskKernel supports self-hosting on your own infrastructure.
What platforms does RiskKernel support?
RiskKernel is available on: Linux, macOS, Windows (Go binary).

Hours Saved & ROI Stories Community

Be the first to contribute. Concrete time/cost savings, with context. e.g. "Cut my code review backlog from 4h to 45m per week."

Curated lists that include this category

RiskKernel

Uncapped agent runs are a production liability: no ceiling on spend, no deterministic exit on loops, no gate before a destructive tool call fires. RiskKernel addresses this by acting as a metered proxy and enforcement runtime between your code and your LLM provider. Point your existing agent at the local endpoint with one environment variable, and every API call is measured against the dollar, token, loop count, and wall-clock budgets you set. The kill switch fires mid-loop the moment a ceiling is crossed — before the spend lands, according to the vendor — and a checkpoint written at each step means a crashed run resumes without re-executing paid work.

The differentiating feature is determinism. The vendor makes an explicit architectural choice: budgets, gates, and kill switches live in statically-typed Go code, not in prompts or framework configuration. That means the enforcement logic runs identically every time regardless of what the model reasons. The human-approval gate — which blocks side-effecting tool calls and routes them for review before execution — inherits that property. The LLM proposes; compiled code decides whether the action proceeds.

The runtime is Apache 2.0 and self-hosted with no telemetry; provider keys are never stored in plaintext and nothing phones home, which is verifiable in the source. OpenTelemetry export emits GenAI spans for cost, loops, and checkpoints to Datadog, Grafana, Honeycomb, or any compatible backend. SDK adapters cover LangChain, the Claude Agent SDK, and the OpenAI Agents SDK. Where RiskKernel breaks down: the hosted dashboard is in private beta, so teams that need a visual run-management UI are on a waitlist. Organisations with LLM frameworks outside the three listed adapters will need to handle integration themselves at the SDK layer.

Browse AI tools by use case · Affiliate Disclosure · Privacy · Email Policy · Terms · DMCA