Rob Chuvala - security architect, building Northwoods Sentinel (https://northwoodssentinel.com).
Spent today reading github.com/cloudflare/agentic-inbox after spec'ing the same architecture from scratch this morning. Two-hour gap between my v0.1 spec and finding your reference. You shipped it cleaner.
What I'm packaging on top: a customer-facing security inbox for under-served institutions (credit unions, school districts, hospital admins, AEs). Three pieces I don't see in the reference:
- Substrate-as-security inversion. Every email from a sender accrues baseline (register, cadence, hedging chain, idiom register). Future emails register-checked against the accrued baseline. Linguistic drift = anomaly flag. Standard AI products treat user data as risk; this protocol treats it as defense. The deeper the substrate, the harder spoofing becomes. Anomaly-via-baseline applied to email identity.
- Governor-gating. First N interactions agent-drafts, human-approves before env.EMAIL.send() fires. Confidence-threshold below 80% = forward to human, don't bluff. Built for organizations that can't staff continuous review but need defense-in-depth that assumes the classifier loses. LLMail-Inject defeated current defenses at 208K attacks; governor posture should assume the classifier loses, not succeed.
- R2 object-lock audit trail. Immutable inbound + outbound log. Same chain-of-custody pattern security consultants need. Customer-deployable, customer-owned.
Companion piece I shipped today: SA Dashboard Kit, a single-file Worker, ~320 LOC, open template at https://sa-dashboard-kit.robert-chuvala.workers.dev/. Forkable. Observability for the same customer profile. MIT.
Two reasons I'm writing:
- Read-back: the security-vertical lane on top of your reference looks complementary, not redundant. If anything maps to roadmap items you already have, would rather not re-pave the road. A pointer to existing work or a Discussion would help calibrate.
- Door-open: if there's a way to be useful from the security-consulting side (sample charter for HIPAA/FERPA gating, adversarial test cases, security-vertical README, contributed Worker), happy to contribute.
Not pitching. Just want to be useful where the work overlaps.
Rob
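
The governor gate described in the post above, as an added example that is not code from the post or from cloudflare/agentic-inbox. The function names, the draft object shape, N = 5, and the rule that drafts at or above the threshold send unattended once the first N interactions have passed are assumptions; the `send` argument stands in for the `env.EMAIL.send()` call.

```javascript
// Added example. Assumed names and values (not from the post): GOVERNOR,
// gateDecision, governedSend, probationCount = 5, and the draft fields.
const GOVERNOR = { probationCount: 5, minConfidence: 0.8 };

// Pure decision: what happens to one agent-drafted reply.
// `interactions` = number of prior interactions already handled for this sender.
function gateDecision(draft, interactions, cfg = GOVERNOR) {
  const c = draft.confidence;
  // Fail closed: a missing or out-of-range score is treated as "don't bluff".
  if (typeof c !== "number" || Number.isNaN(c) || c < 0 || c > 1) {
    return { action: "forward_to_human", reason: "confidence_invalid" };
  }
  // Below the threshold the agent does not answer at all; a human takes over.
  if (c < cfg.minConfidence) {
    return { action: "forward_to_human", reason: "confidence_below_threshold" };
  }
  // During the first N interactions the draft waits for human approval.
  if (!Number.isInteger(interactions) || interactions < cfg.probationCount) {
    return { action: "hold_for_approval", reason: "probation" };
  }
  return { action: "send", reason: "governor_passed" };
}

// Wrapper: `send` is only reached on the "send" path, and every decision is
// appended to `audit` before anything leaves the system.
async function governedSend(draft, interactions, send, audit) {
  const decision = gateDecision(draft, interactions);
  audit.push({ to: draft.to, confidence: draft.confidence, ...decision });
  if (decision.action === "send") await send(draft);
  return decision;
}
```
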