You sandboxed the agent to protect your machine. Now protect your keys from hallucinated endpoints.

A sidecar proxy for Claude Code and other coding agents that prevents credential leaks, blocks typo/homograph endpoints, tames runaway loops, and logs agent HTTP/tool calls.
Built by Threatspotting
Agents move fast. They also make mistakes at machine speed.
Hallucinated / typo endpoints (typosquats)
Credential leakage to the wrong host
Runaway request loops (rate limits, IP bans)
No audit trail when something weird happens
Safety net, not a firewall
SafeYolo catches the 80% of failures that come from hallucinations, copy-paste mistakes, and basic injection, without pretending to stop a sophisticated attacker.
Agent egress guardrails, at the network layer.
Credential routing: keys only go to approved destinations
Typosquat & homograph defense: blocks look-alike domains
Rate limiting + circuit breaker: prevents loops and fail-fast on broken upstreams
Structured logging: JSONL events + Prometheus metrics
Runtime control: switch between warn ↔ block via admin API
Agent / CI Runner → SafeYolo Proxy → Internet
(Optional: run agents with no direct internet access.)

Powered by mitmproxy.
SafeYolo adds security guardrails as native addons, not a new proxy.
Things SafeYolo will demonstrate immediately:
Block an API key being sent to an unauthorized host
Catch a hallucinated/typo endpoint before secrets leave the machine
Stop runaway loops with rate limits and circuit breaking
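The credential-routing and look-alike-host checks listed above, reduced to a single pure-Python decision function with the warn/block switch. This is an added illustration, not SafeYolo's own code: the policy table, the confusables table, the lowercase header keys and all function names are constructed for the example.

```python
import re
import unicodedata
from difflib import SequenceMatcher

# Constructed policy (not SafeYolo's format): credential shape -> approved hosts.
CREDENTIAL_POLICY = {
    "anthropic": (re.compile(r"^sk-ant-[\w-]+$"), {"api.anthropic.com"}),
    "github": (re.compile(r"^gh[pousr]_[A-Za-z0-9]+$"), {"api.github.com"}),
}
APPROVED_HOSTS = {h for _, hosts in CREDENTIAL_POLICY.values() for h in hosts}
# Tiny constructed confusables table: Cyrillic а е о р с х і у -> Latin a e o p c x i y.
CONFUSABLES = str.maketrans("\u0430\u0435\u043e\u0440\u0441\u0445\u0456\u0443", "aeopcxiy")

def skeleton(host):
    """Fold a hostname to a Latin 'skeleton' so homographs collide with the real host."""
    return unicodedata.normalize("NFKC", host.lower()).translate(CONFUSABLES)

def classify_host(host):
    """Return 'approved', 'homograph', 'typo' or 'unknown' relative to the approved set."""
    if host in APPROVED_HOSTS:
        return "approved"
    if skeleton(host) in APPROVED_HOSTS:
        return "homograph"
    for good in APPROVED_HOSTS:
        if SequenceMatcher(None, host, good).ratio() >= 0.9:
            return "typo"
    return "unknown"

def find_credential(headers):
    """Return (policy_name, approved_hosts) if the Authorization header carries a known key shape."""
    auth = headers.get("authorization", "")
    token = auth.split(" ", 1)[-1]          # strip a "Bearer " prefix if present
    for name, (pattern, hosts) in CREDENTIAL_POLICY.items():
        if pattern.match(token):
            return name, hosts
    return None, set()

def evaluate(host, headers, mode="block"):
    """Decide allow/warn/block for one outbound request; in 'warn' mode nothing is stopped."""
    host = host.lower()
    kind = classify_host(host)
    cred, allowed = find_credential(headers)
    reason = None
    if kind in ("homograph", "typo"):
        reason = f"{kind} of approved host"
    elif cred and host not in allowed:
        reason = f"{cred} credential sent to non-approved host"
    if reason is None:
        return {"action": "allow", "host": host}
    return {"action": "block" if mode == "block" else "warn", "host": host, "reason": reason}
```

Unknown hosts without a credential are allowed, which is the safety-net posture the page describes rather than an egress allow-list.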
Docker-first sidecar.
Run it locally or in CI to put rails around agent HTTP/tool calls.
git clone https://github.com/craigbalding/safeyolo
cd safeyolo
docker compose up -d
Solo devs using coding agents daily
Small teams running agents in CI
Security-minded teams who want egress policy + audit before agents touch real systems

Need help rolling this out safely (policy baselines, CI integration, “agents without internet”, logging + alerting)? [email protected]