
Sondera Open Sources AI Agent Policy Enforcement Harness

Sondera has released an open-source AI agent control harness and SDKs alongside peer-reviewed research that compiles natural-language policies into formally verified controls, aiming to help organisations securely govern AI agents across any runtime.

Sondera has unveiled an open-source harness and SDKs that enable developers to apply formally verified policy enforcement across AI agents, alongside research on compiling natural-language organisational policies into policy-as-code. The work has been accepted at ICML 2026’s Agents in the Wild workshop and FLoC 2026’s LLM-Solve workshop, while its related tool, GolemHalt: A Deterministic Reference Monitor for AI Coding Agents, has been selected for demonstration at Black Hat Arsenal, the conference’s showcase for open-source security tools.

The company’s technology converts security, compliance and business rules written in natural language into formally verified Cedar policy-as-code. The generated rules are verified using a theorem prover, adversarially stress-tested before deployment and enforced deterministically outside the AI model. Built on a neurosymbolic architecture, the system combines neural AI models to understand agent behaviour with symbolic rules that issue allow, deny or escalate decisions.

According to Sondera, enforcing policy outside the model context window helps resist prompt injection, model drift and emergent behaviour, while stateful enforcement evaluates an agent’s actions across its entire execution.
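The enforcement pattern described above, sketched as an added example: it is not Sondera's code and not generated Cedar. It is a small deterministic monitor that sits outside the model, keeps state across the run, and returns allow, deny or escalate. The tool names, path prefixes and trace are constructed assumptions.

```python
from dataclasses import dataclass
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    ESCALATE = "escalate"   # hand off to a human reviewer

@dataclass(frozen=True)
class Action:
    tool: str       # hypothetical tool names: read_file, write_file, http_post
    resource: str   # path or URL the call targets

@dataclass
class ReferenceMonitor:
    """Deterministic, stateful check between the agent and its tools."""
    protected: tuple = ("/etc/", "/prod/")   # assumed write-protected paths
    sensitive: tuple = ("/finance/",)        # assumed sensitive data paths
    tainted: bool = False                    # set once sensitive data is read

    def decide(self, a: Action) -> Decision:
        # Stateless rule: never write under protected paths.
        if a.tool == "write_file":
            blocked = a.resource.startswith(self.protected)
            return Decision.DENY if blocked else Decision.ALLOW
        # State update: remember a sensitive read for the rest of the run.
        if a.tool == "read_file":
            self.tainted = self.tainted or a.resource.startswith(self.sensitive)
            return Decision.ALLOW
        # Stateful rule: outbound sends after a sensitive read need approval.
        if a.tool == "http_post":
            return Decision.ESCALATE if self.tainted else Decision.ALLOW
        return Decision.DENY  # default deny for tools the policy does not name

# Constructed agent trace: the same http_post gets a different decision
# depending on what the agent did earlier in the run.
SAMPLE_TRACE = [
    Action("http_post", "https://api.example.com/status"),
    Action("read_file", "/finance/q3.xlsx"),
    Action("http_post", "https://api.example.com/status"),
    Action("write_file", "/etc/ssh/sshd_config"),
    Action("shell", "uname -a"),
]

def run_session(actions):
    """Evaluate one trace with a fresh monitor; return decisions in order."""
    monitor = ReferenceMonitor()
    return [monitor.decide(a).value for a in actions]
```

Because the decision depends only on the action and the monitor's recorded state, nothing the model reads or generates can change the outcome for a given trace.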

In peer-reviewed testing on MedAgentBench, the autoformalisation pipeline covered more of an 88-rule policy than previously published hand-coded work, which implemented 23 rules, and blocked all 99 of 99 adversarial unsafe write attempts.

“The agent incidents we see today aren’t from prompt injection and hijacking. They’re from authorized humans asking authorized agents to do legitimate tasks, like analyzing a financial file or configuring a server,” said Josh Devon, Co-founder and CEO of Sondera. The platform is currently available in private beta.
