July 9, 2026
When the robot intern needs a babysitter
Show HN: Policy enforcement for Claude Code, Cursor, and Codex
A tool to stop AI from doing something wildly stupid before it wrecks your files
TLDR: Kastra launched a tool that blocks coding AIs from running dangerous commands before they happen. Commenters agreed that sounds useful, but many were stuck on the bigger scandal: if your AI was close enough to wipe real customer data, your setup may already be the real disaster.
A new Show HN launch is pitching itself as the adult in the room for coding AIs: Kastra says it can block actions from tools like Claude Code, Cursor, and Codex before they happen. In plain English, it’s a bouncer for AI assistants, checking every command, file change, or database request and saying yes or no in a blink. The sales pitch is simple: don’t wait for the robot intern to break something — stop it at the door.
But the real fireworks came from the comments, where readers treated the product less like a shiny launch and more like a crime scene cleanup kit. The loudest reaction? Why on earth was an AI agent anywhere near production in the first place? One commenter dropped the kind of line that makes every engineer sweat: their Cursor agent “almost executed DELETE FROM customers” on a live database. That instantly turned the thread into a mix of horror story, roast session, and group therapy. The hot take was brutal: if your AI can touch live customer data, the problem may not be the missing guardrail — it’s the decision to hand over the keys at all.
That sparked the classic debate: is this smart safety infrastructure, or a fancy bandage for reckless setups? The security-minded crowd cheered the idea of sandbox everything and keep AI on a very short leash. Others basically joked that we’ve now invented software to stop our other software from doing “rm -rf” on our lives. The vibe was equal parts impressed, alarmed, and very, very ready with memes about robot coworkers needing supervision.
Key Points
- •Kastra markets itself as an authorization layer for AI systems that evaluates actions before execution rather than monitoring them afterward.
- •The platform says it checks prompts, tool calls, shell commands, and API requests against policy in under a millisecond.
- •Kastra Edge is presented as a local enforcement product for laptops covering Claude Code, Codex CLI, and Cursor.
- •The article includes sample allow and deny decisions, such as blocking destructive shell commands, writes to production environment files, and browser actions requiring human approval.
- •Kastra lists cloud, self-hosted, and air-gapped deployment models, multiple control plane regions, signed append-only audit logs, and support for TypeScript, Python, Go, Rust, Java, and Swift.