Integrations

One layer. Every framework. Every cloud.

Faramesh slots into the stack you already run. 13 agent frameworks, six credential brokers, the major observability platforms, and SPIFFE for workload identity. Drop it in. Keep your stack.

Agent frameworks

13 frameworks. Auto-patched at runtime.

Run faramesh and your framework's tool dispatch is patched at process start. No decorators, no wrappers, no code changes.

faramesh / shell
$ faramesh run agent.py
faramesh:detected langgraph 0.2.45
faramesh:patched Graph.dispatch (3 nodes)
faramesh:loaded policy payment-bot.fpl (v23)
faramesh:ready
agent: starting

Supported frameworks: 13

LangChain
LangGraph
CrewAI
AutoGen
Pydantic AI
Google ADK
LlamaIndex
AWS Strands
OpenAI Agents
Smolagents
Haystack
Deep Agents
MCP Servers

Don't see yours? We add framework patches with design partners.

Credential brokers

Your secrets stay in your vault.

Faramesh never stores credentials. When a policy permits a tool call, it fetches the secret from your broker just-in-time and injects it into the call.

JUST-IN-TIME

Bring your own broker.

Faramesh requests the secret from your broker only when a policy permits the call. The agent never sees raw credentials.

Supported brokers: 6

HashiCorp Vault
AWS Secrets Manager
GCP Secret Manager
Azure Key Vault
1Password Connect
Infisical

Observability & Identity

Plug into the stack you already run.

Faramesh sends operational data to your existing dashboards and uses your existing identity system to track who's making each call.

Observability

Metrics in your existing dashboards.

Faramesh exposes a Prometheus-compatible /metrics endpoint. Scrape it with whatever you already use.

Prometheus
Grafana
Datadog
New Relic
Identity

Real identities on every call.

Agents get cryptographic workload identities. Humans approve through your existing single sign-on.

Okta
Auth0
Google Workspace

Deployment modes

Four ways to deploy. Pick what fits your stack.

Faramesh ships in shapes that match how teams actually run agents in production. Same enforcement, same audit format, same policies regardless of mode.

Sidecar

Run alongside your agent process.

Best for: Production agents in Kubernetes or container platforms

Deploy as a sidecar container in the same pod as your agent. Tool calls cross a unix socket. Lowest latency, strong isolation, fits standard cloud-native patterns.

Runtime Enforcement

What we enforce, where.

Enforcement strength depends on what the operating system gives us. Use this as a deployment guide.

Linux (with root)
Strong
Full enforcement available. Recommended for production.
seccomp-BPF, Landlock, network namespaces

Linux (rootless)
Moderate
Most enforcement available. Some kernel-level features unavailable.
seccomp-BPF, Landlock (where available)

macOS
Partial
Process-level isolation. Network and filesystem enforcement limited.
Endpoint Security framework, sandbox-exec

Windows
Partial
Process and credential controls. Kernel-level isolation requires additional setup.
AppContainer, Job Objects

Serverless / FaaS
Credential only
Syscall sandboxing unavailable in managed environments. Enforcement happens at the credential broker.
Vault / Secrets Manager policy gating

Audit logging works identically across all platforms. Tamper-evident records, hash-chained, regardless of how strong the runtime sandbox is.

Get started

Ship your agents to production.

Every agent you deploy deserves a policy, an audit log, and a human in the loop.

Open source. Self-hosted or cloud. No credit card required.