active AI/ML

Talon

Autonomous AI Coding Agent

Python Podman Claude API Docker
Private repository

The Problem

AI coding assistants are powerful but uncontrolled: by default they run with the full privileges of the user who launched them, leave no audit trail, and offer no mechanism for enforcing security boundaries. How do you give an AI agent real coding capabilities while maintaining production-grade security?

My Approach

Built Talon as a multi-layered orchestrator: a control plane that manages Claude Code instances running inside rootless Podman containers. Each agent gets capability-based permissions (file access, network, shell), full audit logging, and network isolation. Added a skill engine for self-improving agent capabilities and a management layer for spinning agent instances up and down.
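As an added illustration of the approach above (example code written for this page, not Talon's own implementation), the following control-plane fragment turns a per-agent capability manifest into a rootless Podman invocation and an append-only audit record. Everything not granted is denied: no network interfaces unless the network capability is set, root filesystem read-only, all Linux capabilities dropped, and only the listed host paths bind-mounted. The sandbox root, the image name, and the use of Claude Code's `--disallowedTools` flag to withhold the shell tool are assumptions, as noted in the comments; the path check is the one a practitioner would want, since a manifest containing `..` or a symlink could otherwise mount arbitrary host directories into the agent.

```python
"""Capability manifest -> rootless Podman argv + audit record.

Added example for the Talon write-up; not the project's own code.
Podman flags are real; SANDBOX_ROOT, AGENT_IMAGE and the agent's
tool-restriction flag are assumptions (see inline comments).
"""
import json
import os
import shlex
import time
from dataclasses import dataclass, asdict
from pathlib import PurePosixPath

SANDBOX_ROOT = "/srv/talon/workspaces"        # assumed: every agent mount must live under here
AGENT_IMAGE = "localhost/talon-agent:latest"  # assumed image name


@dataclass(frozen=True)
class AgentCapabilities:
    """What one agent instance is allowed to touch. Default is nothing."""
    name: str
    read_paths: tuple = ()
    write_paths: tuple = ()
    network: bool = False
    shell: bool = False


def canonical_mount_path(path: str) -> str:
    """Reject relative paths, collapse '..' and resolve host symlinks, then
    require the result to sit under SANDBOX_ROOT. Without this, a manifest
    entry such as '/srv/talon/workspaces/../../../etc' would be mounted."""
    if not os.path.isabs(path):
        raise PermissionError(f"mount path must be absolute: {path}")
    real = os.path.realpath(path)   # lexical '..' handling plus symlink resolution for existing parts
    root = PurePosixPath(SANDBOX_ROOT)
    target = PurePosixPath(real)
    if target != root and root not in target.parents:
        raise PermissionError(f"{path} resolves to {real}, outside {SANDBOX_ROOT}")
    return real


def podman_argv(caps: AgentCapabilities, image: str = AGENT_IMAGE) -> list:
    """Build the `podman run` command that enforces the manifest."""
    argv = [
        "podman", "run", "--rm", "--name", f"talon-{caps.name}",
        "--userns", "keep-id",              # rootless: container root maps to the unprivileged host uid
        "--cap-drop", "ALL",                # no Linux capabilities inside the container
        "--security-opt", "no-new-privileges",
        "--read-only", "--tmpfs", "/tmp",   # immutable rootfs; scratch space only in tmpfs
        "--pids-limit", "256",              # blunt fork-bomb protection
    ]
    if not caps.network:
        argv += ["--network", "none"]       # no interfaces at all unless the capability is granted
    for p in caps.read_paths:
        host = canonical_mount_path(p)
        argv += ["--volume", f"{host}:{host}:ro"]
    for p in caps.write_paths:
        host = canonical_mount_path(p)
        argv += ["--volume", f"{host}:{host}:rw"]
    argv += [image, "claude"]
    if not caps.shell:
        # Assumption: Claude Code's --disallowedTools CLI flag; verify against the CLI version you ship.
        argv += ["--disallowedTools", "Bash"]
    return argv


def audit_record(caps: AgentCapabilities, argv: list, outcome: str) -> dict:
    """One structured event per control-plane decision, allow or deny."""
    return {
        "ts": time.time(),
        "event": "container.launch",
        "agent": caps.name,
        "outcome": outcome,
        "capabilities": asdict(caps),
        "argv": argv,
    }


def append_audit(record: dict, log_path: str) -> None:
    """Append-only JSON lines; a single write() under O_APPEND keeps records intact."""
    with open(log_path, "a") as f:
        f.write(json.dumps(record, sort_keys=True) + "\n")


def launch_plan(caps: AgentCapabilities, log_path: str = None):
    """Validate the manifest and build argv; record the outcome either way."""
    try:
        argv = podman_argv(caps)
    except PermissionError as exc:
        if log_path:
            append_audit(audit_record(caps, [], f"denied: {exc}"), log_path)
        raise
    rec = audit_record(caps, argv, "allowed")
    if log_path:
        append_audit(rec, log_path)
    return argv, rec


if __name__ == "__main__":
    # Constructed manifest: read the repo, write only to its build output, no network, no shell.
    caps = AgentCapabilities(
        "fix-ci",
        read_paths=("/srv/talon/workspaces/repo",),
        write_paths=("/srv/talon/workspaces/repo/out",),
    )
    argv, rec = launch_plan(caps)
    print(shlex.join(argv))
```

`launch_plan` only constructs the command; the real control plane would hand `argv` to `subprocess.run` and also log the container's exit status and the agent's tool calls as further audit events.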

Key Results

  • Rootless Podman containers with network isolation per agent
  • Capability-based permission system with granular access control
  • Full audit logging for every agent action
  • Skill engine enabling agent self-improvement
  • Production-ready security architecture

What I Learned

Security-first design requires thinking about threat models before writing code. The hardest part wasn't the AI integration; it was building the sandbox runtime that's both secure enough to trust and flexible enough to be useful.