JK
johnkwan.me
AI Security / Agent Security / AI Assurance
AI SecurityAgent SecurityAudit HarnessEvidence

Tethermark

Open AI security audit harness for agentic repositories and local AI systems, focused on evidence-grounded static audits, supervisor QA, exports, and gated runtime validation.

Evidence registry

Problem / Scope

Tethermark is an AI security audit harness for agentic repositories and local AI systems. The near-term goal is to make security review repeatable enough to share: deterministic evidence collection, static analysis, structured findings, scoring, exports, and clear disclosures around what is validated versus still in development.

Architecture

  • Static audit pipeline for repository posture, dependency signals, secret exposure, policy files, and agent/tool boundary indicators
  • Supervisor review layer for findings, severity, evidence citations, and score explanations
  • Export path for Markdown, JSON, and website-ready artifacts
  • Runtime doctor and sandbox boundary work for local execution checks where a container runtime is available
  • Planned publication path into AISecurityBase for ranked research and newsletter content

Key Workflows / What It Proves

  • Run a repository audit and produce evidence-backed findings
  • Separate static readiness from runtime validation so claims stay bounded
  • Use repeatable fixtures and example repositories to create screenshots, reports, and launch content
  • Convert audit output into public-facing research assets without overstating assurance

Limitations

  • Runtime validation is still gated by local container backend availability and additional test coverage
  • Newer features such as chat assistant, self-learning, and benchmark flows need more validation before launch claims
  • Public examples should be rerun before posting so screenshots and findings reflect the current code state

Evidence Pack

E-TETHERMARK-001

Static audit run snapshots

Validated local fixture scans showing scored findings, static baseline behavior, and evidence-grounded output.

View registry

E-TETHERMARK-002

Runtime readiness note

Current runtime boundary and dependency status, including Docker/Podman/gVisor requirements and known blockers.

View registry

E-TETHERMARK-003

Launch content checklist

Post-by-post readiness tasks for screenshots, repository examples, feature demos, and known-gap disclosures.

View registry