Open Source Guardrails & Safety
As of June 2026, AIDiveForge tracks 4 open source guardrails & safety. Curated open source guardrails & safety tracked by AIDiveForge. Each project has a verified public source repository. Listings are verified against each tool's live website and re-checked regularly.
Last updated June 18, 2026 · 4 tools
1. AGEF
The specification defines a content-addressed, Merkle-linked event structure so every decision in an agent session can be hashed, bundled, and checked offline — no live service required. The reference implementation is Akmon (v2.0.0 and later), which handles bundle export, import, and journaling via akmon-journal. AGEF is a format standard, not a deployed platform: there is no SaaS, no API, and no hosted verification service. Teams adopting it are taking on the work of building or integrating bundle-producing substrates into their existing agent infrastructure. At v0.1.1, the spec is pre-stable — conformance profiles and bundle structure are defined, but tooling outside the Akmon reference implementation is essentially absent.
FreeOpen Source
2. ComplyEdge
ComplyEdge is an open-source compliance engine that runs on every production request your AI agent processes, enforcing EU AI Act Article 5 prohibitions and emitting structured audit trails instead of opaque scores. The decorator-based Python SDK wraps agent entry points with a single annotation, so enforcement is tied to the code path rather than bolted on downstream. TrustLint, the companion CLI tool, moves the same rule set into CI/CD so violations surface before deployment. The ceiling appears when you need jurisdictions beyond EU or rule sets beyond Article 5 — the repo shows EU coverage, and teams with broader regulatory scope will find themselves extending the rule library themselves. With three GitHub stars and zero open issues at time of writing, production battle-testing is still accumulating.
FreeOpen Source
3. gate-oc-audit
Gate operates as a drop-in proxy: your agent points at one endpoint, Gate inspects every outbound prompt and every inbound response, then enforces the policy you write — blocking injections, redacting secrets and PII, flagging ambiguous cases, and writing every decision to a tamper-evident audit log anchored to a blockchain. The vendor reports 97.4% F1 across 16 public prompt-injection benchmarks and a head-to-head F1 of 96.6% versus Lakera Guard's 83.7% on four matched datasets; methodology and per-benchmark scores are published. Token compression and prefix caching run on every request, and the vendor states users see 20% or more token savings without changing model outputs. Gate is in private beta with no self-hosted deployment option, so teams with hard data-residency requirements hit a wall immediately.
PaidOpen Source
4. RiskKernel
Deployed as a single Go binary, it sits in front of your existing OpenAI, Anthropic, or LangChain stack via a one-variable proxy — no rewrite required. Every call is metered and checkpointed, so a killed or crashed run resumes from the last saved state instead of re-spending from zero. The human-approval gate routes irreversible tool calls for sign-off over CLI, web, or webhook before they fire, and the LLM cannot bypass it because the gate lives in compiled code, not a prompt. The hosted dashboard is private beta only; teams that need a UI today are self-managing.
FreeOpen Source
Listings on this page are sourced and verified by the AIDiveForge data pipeline. AIDiveForge is editorially independent — no money changes hands for inclusion.