Broker Security

Secure communication between AI agents and external services

The Security Challenge

As AI agents gain capabilities to interact with external services—APIs, databases, file systems—the attack surface grows. How do you give an AI the access it needs while preventing misuse?

The Core Problem: AI agents need access to do useful work, but unbounded access is dangerous. The seks broker provides the missing security layer.

The Seks Broker Model

The seks broker sits between AI agents and external services, enforcing security policies and providing audit trails. Think of it as a security-conscious proxy with principles.

🎯 Principle of Least Privilege

Agents request only the capabilities they need. The broker grants scoped, time-limited access—never more than necessary.

📋 Policy Enforcement

Define what actions are allowed, denied, or require human approval. Policies are declarative and version-controlled.

📊 Audit Logging

Every request through the broker is logged. Know exactly what your AI agents are doing, when, and why.

🚦 Rate Limiting

Prevent runaway agents from hammering APIs or accumulating costs. Set limits per agent, per service, or globally.

Security Architecture

Request Flow

Agent → Broker → Policy Check → Service
                    ↓
              Audit Log

Policy Example

# seks-policy.yaml
version: 1
agents:
  aeonbyte:
    services:
      github:
        allow:
          - "repos.list"
          - "repos.get"
          - "issues.list"
        deny:
          - "repos.delete"
          - "admin.*"
        require_approval:
          - "repos.create"
      email:
        allow:
          - "draft.*"
        require_approval:
          - "send"

rate_limits:
  global:
    requests_per_minute: 100
  per_agent:
    requests_per_minute: 30
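
How a policy of this shape can be evaluated, as an added example that is not the seks broker's own code. It assumes, since the page does not state it, that the most restrictive matching rule wins (deny, then require_approval, then allow), that unlisted actions are denied, and that "*" is a shell-style wildcard. The function name decide and the sample action names not in the policy are constructed for illustration.

```python
from fnmatch import fnmatchcase

# The agents section of the page's seks-policy.yaml, transcribed into a dict
# so the example runs without a YAML parser.
POLICY = {
    "agents": {
        "aeonbyte": {
            "services": {
                "github": {
                    "allow": ["repos.list", "repos.get", "issues.list"],
                    "deny": ["repos.delete", "admin.*"],
                    "require_approval": ["repos.create"],
                },
                "email": {
                    "allow": ["draft.*"],
                    "require_approval": ["send"],
                },
            }
        }
    }
}

# Assumed precedence (not stated on the page): the most restrictive match wins.
PRECEDENCE = ("deny", "require_approval", "allow")


def decide(policy, agent, service, action):
    """Return 'deny', 'require_approval' or 'allow' for one request."""
    rules = (
        policy.get("agents", {})
        .get(agent, {})
        .get("services", {})
        .get(service)
    )
    if rules is None:
        return "deny"  # unknown agent or service: nothing was granted
    for verdict in PRECEDENCE:
        if any(fnmatchcase(action, pat) for pat in rules.get(verdict, [])):
            return verdict
    return "deny"  # assumed default: actions not listed are refused


if __name__ == "__main__":
    # Constructed sample requests; only some action names appear in the policy.
    for svc, act in [("github", "repos.get"), ("github", "admin.users.remove"),
                     ("github", "repos.create"), ("github", "repos.update"),
                     ("email", "draft.create"), ("email", "send"),
                     ("slack", "chat.post")]:
        print(f"aeonbyte {svc} {act}: {decide(POLICY, 'aeonbyte', svc, act)}")
```

Checking deny first means a broad allow pattern cannot override a narrower deny entry for the same service.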

Key Concepts

Capabilities, Not Credentials

Agents don't hold raw API keys. They request capabilities ("send email to X") and the broker decides whether to grant them. Credentials never leak to agent context.

Human-in-the-Loop

Sensitive operations can require human approval. The broker queues the request, notifies you, and waits for your decision.

Scoped & Ephemeral Access

Access grants are time-limited and scoped. An agent might get "read access to repo X for 5 minutes"—not permanent access to everything.

Integration

The seks broker integrates with popular AI frameworks and can proxy requests to any REST API. Built-in adapters for common services are coming soon.

Coming Soon: Adapters for GitHub, Slack, Discord, email, and Cloudflare services.

Have security requirements we should know about? Share your use case!