A bit more on the architecture:
Each layer is a middleware that wraps the agent's execution loop. When an agent calls a tool or spawns a subagent, the request passes through the stack:
Agent Request → SUTRA (rate limit) → DHARMA (permissions) → SANGHA (skill check) → KARMA (cost) → Execute
↓
Agent Response ← SILA (audit log) ← METTA (sign) ← BODHI (isolate) ← NIRVANA (kill if needed) ←
Policies are YAML:
yamlpermissions:
file_system:
read: ["/data/*"]
write: []
network:
allowed_domains: ["api.anthropic.com"]
cost:
max_per_request: 0.10
max_per_session: 5.00kill_conditions:
- token_count > 100000
- execution_time > 300s
- error_rate > 0.5
The key insight from running agents in production: most failures aren't the model being malicious — they're the model being helpful in ways you didn't anticipate. DHARMA and SANGHA catch those before they execute.
Happy to go deeper on any layer.
No comments yet.