ThirdKey builds the trust layer for autonomous AI agents — policy enforcement, cryptographic identity, tool governance, and network visibility.

AI agents are easy to demo and hard to trust. Symbiont is the Rust-native execution layer that separates agent intent from execution authority.

• Cedar-based fine-grained policy authorization
• Typestate-enforced ORGA reasoning loop (Observe → Reason → Gate → Act)
• MCP tool integration with SchemaPin cryptographic verification
• Docker sandboxing with resource limits and approval gates
• Tamper-evident cryptographic audit trails
• Secrets management via Vault/OpenBao, persistent memory, and RAG

👉 symbiont.dev | Source

Stop writing repetitive custom code for every tool. ToolClad defines typed, validated, policy-aware tool contracts in .clad.toml manifests.

• Three execution modes: oneshot (CLI), session (interactive PTY with Cedar gating), browser (governed headless via CDP/Playwright)
• Shell injection prevention, direct execve dispatch, process group isolation
• 14 built-in type validators, conditional evaluation, evidence envelope generation
• Reference implementations in Rust, Python, JavaScript, and Go

Detect AI agents operating on your network through passive monitoring, active probing, protocol detection, and behavioral analysis.

• Seven detection techniques: passive DNS analysis (40+ LLM API domains), TCP port scanning, AgentPin identity discovery, MCP server probing, HTTP endpoint signatures, JA3 TLS fingerprinting, behavioral traffic patterns
• Deploy standalone, via Docker, or Docker Compose with web dashboard
• Continuous scanning, webhook/SMTP alerting, SQLite history

• 🌐 Website: thirdkey.ai
• 🔬 Research: research.thirdkey.ai
• 🧠 Symbiont: symbiont.dev

ThirdKey.ai — Infrastructure for AI you can trust.