Analysis updated 2026-05-18
Issue scoped, time-limited tokens so an AI agent can act on a user's behalf without full account access.
Deploy an MCP gateway that filters which tools each AI agent can see and call, with mid-task cancellation.
Build multi-agent pipelines where each child agent automatically has narrower permissions than its parent.
Add tamper-evident audit logs for all AI agent actions across your infrastructure.
| | legant-dev/legant | ashutosh-swain-git/dahmer | audriusbutkevicius/gohashcompare |
|---|---|---|---|
| Stars | 1 | 1 | 1 |
| Language | Go | Go | Go |
| Last pushed | — | — | 2016-07-09 |
| Maintenance | — | — | Dormant |
| Setup difficulty | hard | easy | moderate |
| Complexity | 4/5 | 1/5 | 2/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires Go and a running Postgres instance; production use also needs a Kubernetes cluster for the MCP gateway demos.
Legant is an open-source authorization system designed specifically for AI agents. When an AI agent needs to take actions on behalf of a user, like submitting expenses, booking travel, or querying a database, Legant controls exactly what the agent is allowed to do and for how long. It runs as a single self-hostable binary written in Go.

The core idea is delegated authorization. Instead of giving an AI agent the same permissions as a full user, Legant issues a special token that carries fine-grained restrictions baked in: a maximum dollar amount, specific categories of actions it can perform, which services it can talk to, and how many minutes before the token expires. These constraints are embedded in a signed token that any connected service can verify on its own, without calling back to Legant every time.

When one AI agent spawns another, like a planning agent delegating work to an execution agent, each level in the chain can only have the same permissions or fewer than its parent. This property prevents a sub-agent from quietly expanding its own authority. The full chain of who-delegated-to-whom is recorded inside the token itself.

Legant also ships with a gateway component for the Model Context Protocol (MCP), a standard way for AI models to connect to tools and data sources. The gateway filters which tools each agent is allowed to see and call, and can kill a running agent mid-task. Tamper-evident audit logs record every agent action in a hash-chained event store.

The project includes over a dozen runnable demos covering scenarios like OAuth token theft replay, multi-agent pipelines, Kubernetes-based AI infrastructure, and analytics over a real Postgres database. SDKs are available for Go, TypeScript, and Python for verifying delegation tokens in resource servers. The project requires Go and Postgres to run. It is licensed under the Apache 2.0 license, which allows free use including commercial use.
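
The "same permissions or fewer" rule for delegation chains described above can be checked link by link at the resource server. The following Go code is an added example, not Legant's code or token format: the `Grant` struct, its field names and `VerifyChain` are hypothetical, and it assumes the token's signature has already been verified.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Grant is a hypothetical, simplified constraint set (not Legant's token format).
type Grant struct {
	Agent    string
	MaxCents int64           // spending ceiling
	Actions  map[string]bool // permitted action categories
	Services map[string]bool // services the token may be presented to
	Expires  time.Time
}

func subset(child, parent map[string]bool) bool {
	for k := range child {
		if !parent[k] {
			return false
		}
	}
	return true
}

// VerifyChain walks a root-first chain and rejects an empty chain, an expired
// leaf, or any link wider than its parent. Signatures are assumed verified.
func VerifyChain(chain []Grant, now time.Time) error {
	if len(chain) == 0 || !now.Before(chain[len(chain)-1].Expires) {
		return errors.New("empty chain or expired leaf grant")
	}
	for i := 1; i < len(chain); i++ {
		p, c := chain[i-1], chain[i]
		if c.MaxCents > p.MaxCents || !subset(c.Actions, p.Actions) ||
			!subset(c.Services, p.Services) || c.Expires.After(p.Expires) {
			return fmt.Errorf("link %d: %s exceeds authority of %s", i, c.Agent, p.Agent)
		}
	}
	return nil
}

func main() { // constructed sample: planner narrows the user's grant
	exp := time.Now().Add(10 * time.Minute)
	act, svc := map[string]bool{"expenses": true}, map[string]bool{"erp": true}
	chain := []Grant{{"user", 50000, act, svc, exp}, {"planner", 10000, act, svc, exp}}
	fmt.Println("verify:", VerifyChain(chain, time.Now()))
}
```

Comparing every axis (amount, actions, services, expiry) matters: a child that lowers the amount but outlives its parent has still widened its authority.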
An open-source Go server that controls what AI agents can do on a user's behalf, with scoped time-limited tokens, multi-agent delegation chains, and an MCP gateway.
Mainly Go. The stack also includes PostgreSQL and TypeScript.
Apache 2.0: use freely for any purpose including commercial use; you must include the license notice and state any changes.
Setup difficulty is rated hard, with roughly 30 minutes to a first successful run.
Mainly ops devops.
Verify against the repo before relying on details.