Hacker News
Brex Open-Sources CrabTrap: LLM-as-a-Judge HTTP Proxy to Secure AI Agents in Production
Brex released CrabTrap, an open-source forward proxy that intercepts outbound HTTP requests from AI agents and uses an LLM judge to evaluate them against natural-language security policies. Features include TLS termination with custom CA generation, SSRF protection with DNS-rebinding prevention, and prompt injection defense via JSON-encoding of request payloads. Notable limitation: it only evaluates outbound requests — responses from upstream APIs stream back unexamined. 118 points and 46 comments on HN.
↳ Follow the thread