If you're shipping AI agents that make HTTP calls, this is a security layer that sits between your agent and the internet. Every outbound request hits static rules first, then gets evaluated by an LLM judge against a natural language policy before it reaches the actual API. You get SSRF protection, audit logs in Postgres, and a 403 with reasoning when something's blocked. It's overkill for demos but makes sense if your agent has write access to production APIs or you're worried about prompt injection leading to unauthorized calls. Ships as a Docker container with an admin UI for managing rules and policies per user.
npx skills add https://github.com/aradotso/trending-skills --skill crabtrap-llm-proxy