NSkogstad-AUS/nskog ai security gateway

TypeScript AI security gateway with Fastify interception APIs, OPA policy support, append-only event logging, and a Next.js console.

AI Security Gateway

AI security, Fastify, Next.js, OPA, PostgreSQL, Splunk

Built to make AI-agent tool usage auditable instead of opaque. The gateway sits in front of tool calls, validates arguments, applies policy decisions, and keeps a traceable event history for approvals, denials, and executions.

I structured it as a pnpm monorepo with a Fastify gateway, Next.js console, shared schemas, connector registry, policy engines, Postgres event log, and Splunk exporter. The operations console surfaces queues, timelines, policy traces, connector inventory, and live event trends so security decisions can be reviewed after the fact.

Key Features

  • Intercepts AI-agent tool calls, validates arguments with shared schemas, and returns structured allow, deny, or approval-required decisions.
  • Records each decision phase in an append-only event log so approvals, policy evaluations, denials, and executions can be traced by correlation ID.
  • Includes a console for queue review, policy trace inspection, connector inventory, KPI cards, timelines, and live event streaming.

Learnings

  • AI guardrails are easier to trust when every policy decision has a durable trace and a human-readable reason path.
  • Connector schemas and risk tiers make security controls more maintainable than hard-coding rules per tool call.
  • A lightweight operations console can turn an enforcement layer into something teams can actually inspect and operate.
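
To make the interception flow and the connector-schema point concrete, here is an added sketch that is not taken from the project's code: a connector registry with per-tool schemas and risk tiers, a decision function, and an append-only log traced by correlation ID. Every type, function and connector name is hypothetical, the log is an in-memory stand-in for the Postgres event log, and the risk-tier check stands in for a real policy engine such as OPA.

```typescript
// Added illustration: every name here is hypothetical, not the project's API.
type Decision = "allow" | "deny" | "approval_required";
type Phase = "received" | "validated" | "policy_evaluated" | "decided";
interface Connector { riskTier: "low" | "high"; args: Record<string, "string" | "number"> }
interface GatewayEvent { seq: number; correlationId: string; phase: Phase; detail: string }

// Constructed sample registry: one schema and one risk tier per connector.
const registry: Record<string, Connector> = {
  "tickets.search": { riskTier: "low", args: { query: "string" } },
  "db.export": { riskTier: "high", args: { table: "string", limit: "number" } },
};
// Own-property check so names like "constructor" never resolve via the prototype.
const own = (o: object, k: string): boolean => Object.prototype.hasOwnProperty.call(o, k);

// Append-only: the class exposes append and read, never update or delete.
class EventLog {
  private readonly events: GatewayEvent[] = [];
  append(correlationId: string, phase: Phase, detail: string): void {
    this.events.push(Object.freeze({ seq: this.events.length + 1, correlationId, phase, detail }));
  }
  trace(correlationId: string): GatewayEvent[] {
    return this.events.filter((e) => e.correlationId === correlationId);
  }
}

// Returns null when args match the schema exactly, else the reason they do not.
function validate(schema: Connector["args"], args: Record<string, unknown>): string | null {
  for (const k of Object.keys(args)) if (!own(schema, k)) return `unexpected argument "${k}"`;
  for (const k of Object.keys(schema)) {
    if (!own(args, k) || typeof args[k] !== schema[k]) return `argument "${k}" must be a ${schema[k]}`;
  }
  return null;
}

// Fail closed: unknown connectors and schema mismatches are denied before policy runs.
function intercept(log: EventLog, cid: string, tool: string, args: Record<string, unknown>) {
  const decide = (decision: Decision, reason: string) => {
    log.append(cid, "decided", `${decision}: ${reason}`);
    return { decision, reason };
  };
  log.append(cid, "received", tool);
  const conn = own(registry, tool) ? registry[tool] : undefined;
  if (!conn) return decide("deny", `unknown connector "${tool}"`);
  const problem = validate(conn.args, args);
  log.append(cid, "validated", problem ?? "arguments match schema");
  if (problem !== null) return decide("deny", problem);
  log.append(cid, "policy_evaluated", `risk tier ${conn.riskTier}`);
  return conn.riskTier === "high"
    ? decide("approval_required", "high-risk connector needs human approval")
    : decide("allow", "low-risk connector with valid arguments");
}
```

Calling log.trace with a correlation ID returns the ordered phases for that one call, which is the reason path a reviewer would read after the fact.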
© 2026 Nicolai Skogstad