Apache 2.0 · Open SourceThe open enforcement foundation.
EnforceCore is the open-source framework that provides kernel-level enforcement primitives for autonomous AI agents. Policy-as-code, cryptographic sandboxing, and Merkle audit trails — the foundation that AKIOS and any agentic system can build on.
View on GitHub
pip install enforcecore
from enforcecore import PolicyEngine, Sandbox
# Load policy
policy = PolicyEngine.from_yaml("policy.yaml")
# Wrap any agent
safe = Sandbox(
agent=my_agent,
policy=policy,
allow_network=["api.openai.com"],
allow_fs=["/tmp/workspace"],
max_cost_usd=5.00,
redact_pii=True
)
# Run — enforced
result = safe.run("Analyze Q3 earnings")Technical Specifications
Built for production workloads.
Sub-millisecond policy evaluation. Kernel-level isolation. Zero runtime dependencies.
- Policy latency
- < 0.5 ms
- Language
- Rust core
- SDK
- Python
- Policy format
- YAML / Rego
- Audit format
- Merkle / JSON
- Sandbox
- Kernel-level
- License
- Apache 2.0
- Deployment
- Library / Sidecar
What is EnforceCore?
The enforcement layer that any agent system can use.
EnforceCore is the open-source foundation that sits beneath AKIOS. It provides the core enforcement primitives — policy evaluation, sandboxing, audit trail generation — as a standalone library. Licensed under Apache 2.0, it is designed to become the standard enforcement layer for the agentic ecosystem. You can use it directly, or through AKIOS which adds production-grade governance, observability, and cost controls on top.
Core capabilities
Enforcement Primitives
Six foundational primitives that make policy violations structurally impossible at the kernel level.
Policy-as-Code Engine
Define agent constraints in YAML or Rego. Policies are compiled to WASM for sub-millisecond evaluation. Version-controlled and cryptographically signed.
Kernel Sandboxing
Isolate agent execution at the syscall level. Control network, filesystem, and process access with deterministic deny-by-default policies.
Merkle Audit Trails
Every agent action is cryptographically logged in a Merkle tree. Immutable, tamper-evident, and exportable for compliance audits.
PII Redaction Engine
Real-time entity detection and redaction inline before data exits the sandbox. Covers PCI, HIPAA, and GDPR entity classes.
Cost Kill-Switch
Hard limits on token usage and API spend. Circuit breakers trigger automatically when budgets are exceeded — no runaway costs.
Tool Permission Framework
Granular allow/deny rules for every tool an agent can invoke. Prevent unauthorized API calls, file writes, and network access at the framework level.
Drop-in Integration
Three lines to enforce.
Import. Wrap. Run. EnforceCore wraps any agent in a policy-enforced sandbox with a single function call. No refactoring, no SDK lock-in.
Zero Lock-in
Works with LangChain, AutoGPT, CrewAI, or any custom orchestrator. No SDK required.
Policy-as-Code
Define constraints in YAML or Rego. Version-control policies like application code.
Audit-Ready
Every decision is logged to a Merkle tree. Export JSON for compliance audits.
< 0.5 ms
Policies compile to WASM. Evaluation overhead is sub-millisecond at p99.
# policy.yaml
version: "1.0"
rules:
- name: block-financial-advice
match:
output: "regex:you should (buy|sell|invest)"
action: deny
severity: critical
- name: pii-redaction
match:
output: "entity:PERSON|SSN|CREDIT_CARD"
action: redact
- name: cost-limit
match:
token_spend: "> 10000"
action: kill
notify: ops@company.comHow it fits together
Three layers. One stack.
EnforceCore is the foundation. AKIOS is the production system. AKIOS Pro is the enterprise platform. Each layer builds on the one below, and you choose the level that matches your needs.
Foundation
EnforceCore
Open enforcement primitives (Apache 2.0). Use standalone or as the base for AKIOS.
Production
AKIOS Core
Complete runtime (GPL-3.0-only). Adds governance, RADAR observability, FLUX cost control.
Cloud
AKIOS Pro
Cloud management plane. RADAR dashboard, FLUX metering, policy sync, team RBAC, audit exports. Credit-based. The SDK is free.
We're opening EnforceCore to the community. If you're building agentic systems and need kernel-level enforcement, contribute or grab a design partner slot.
Design Partner Slot
Open Source · Apache 2.0
Frequently Asked Questions
Go beyond EnforceCore with AKIOS.
EnforceCore gives you enforcement primitives. AKIOS Core adds governance workflows, RADAR observability, and FLUX cost controls — a complete runtime for production agent systems. Licensed GPL-3.0-only.
| Compare tiers | EnforceCore Free (Apache 2.0) | AKIOS Core Free (GPL-3.0-only) | AKIOS Pro Invite-only (beta) |
|---|---|---|---|
| Enforcement | |||
| Policy-as-Code Engine | |||
| Kernel Sandboxing | |||
| Merkle Audit Trails | Local | Local | Centralized |
| PII Redaction | |||
| Cost Kill-Switch | |||
| Production | |||
| Governance Workflows | |||
| RADAR Observability | |||
| FLUX Cost Control | |||
| Multi-Agent Orchestration | Basic | Advanced | |
| Cloud & Enterprise | |||
| RADAR trace dashboard | |||
| Team RBAC | |||
| Credit-based billing | |||
| SSO / SAML / VPC (Enterprise) | Enterprise add-on | ||
| Enforcement | |
|---|---|
| Policy-as-Code Engine | |
| Kernel Sandboxing | |
| Merkle Audit Trails | Local |
| PII Redaction | |
| Cost Kill-Switch | |
| Production | |
| Governance Workflows | |
| RADAR Observability | |
| FLUX Cost Control | |
| Multi-Agent Orchestration | |
| Cloud & Enterprise | |
| RADAR trace dashboard | |
| Team RBAC | |
| Credit-based billing | |
| SSO / SAML / VPC (Enterprise) | |
| Enforcement | |
|---|---|
| Policy-as-Code Engine | |
| Kernel Sandboxing | |
| Merkle Audit Trails | Local |
| PII Redaction | |
| Cost Kill-Switch | |
| Production | |
| Governance Workflows | |
| RADAR Observability | |
| FLUX Cost Control | |
| Multi-Agent Orchestration | Basic |
| Cloud & Enterprise | |
| RADAR trace dashboard | |
| Team RBAC | |
| Credit-based billing | |
| SSO / SAML / VPC (Enterprise) | |
| Enforcement | |
|---|---|
| Policy-as-Code Engine | |
| Kernel Sandboxing | |
| Merkle Audit Trails | Centralized |
| PII Redaction | |
| Cost Kill-Switch | |
| Production | |
| Governance Workflows | |
| RADAR Observability | |
| FLUX Cost Control | |
| Multi-Agent Orchestration | Advanced |
| Cloud & Enterprise | |
| RADAR trace dashboard | |
| Team RBAC | |
| Credit-based billing | |
| SSO / SAML / VPC (Enterprise) | Enterprise add-on |
Start enforcing.
Use EnforceCore standalone or as part of the full AKIOS runtime. Open source, production-ready, zero licensing friction.