Hi HN, I'm a builder.
I've been building AI agents for a while now and kept running into the same problems. Agent gets stuck in a loop. Prompt injection sneaks through. No one reviews the dangerous actions. And when you're shipping to production, there's this nagging question: "is this thing actually safe to deploy?"
So I built Inkog (inkog.io). It's basically a pre-flight check for AI agents.
You point it at your agent code (LangGraph, CrewAI, AutoGen, n8n, or even your custom Python agent) and it maps out the logic and tells you what's wrong BEFORE you ship.
*What it catches:*
- Logic flaws (infinite loops, unbounded recursion, growing context)
- Injection risks (user input flowing to system prompts, SQL via LLM)
- Missing oversight (no human-in-the-loop for dangerous actions)
- Compliance gaps (EU AI Act Article 14, NIST AI RMF mappings)
There's 20+ detection patterns already, and I built a YAML rules engine so you can define your own. Useful if your company has specific policies.
*Quickest way to try:*
https://app.inkog.io – paste code, see results in 10 seconds
*CLI:*
curl -fsSL https://inkog.io/install.sh | sh
inkog ./my_agent
*CI/CD:*
One-click GitHub Action setup on the website. OAuth flow, takes 30 seconds.
Apache 2.0, secrets are redacted locally before upload.
Honestly curious what you think. Does pre-flight checking for agents make sense? Or is this overkill?
Repo: https://github.com/inkog-io/inkog
reply