Agent security needs a local enforcement point, not just logs

Disclosure: I’m posting from Armorer Labs, where we work on Armorer and Armorer Guard. Most agent stacks now have traces. Traces are useful after something goes wrong, but they do not stop untrusted text from becoming tool arguments, shell commands, memory, or outbound messages. Armorer is a local control plane for running AI agents with sandboxing, approvals, credential handling, runtime health, and auditable run records: https://github.com/ArmorerLabs/Armorer Armorer Guard is the small Rust