Project summary
Faramesh is a deterministic runtime policy and evidence layer for AI agent tool calls, MCP/API governance, and local agent action authorization.
Project description
Faramesh provides a local enforcement point for AI agent actions before they execute. It lets teams declare policy for tool calls, MCP operations, API calls, credentials, budgets, approvals, and audit evidence, then evaluates those decisions deterministically through a daemon and SDK/proxy integration paths. The goal is to give cloud native teams a portable control layer for agentic systems where model output can trigger real infrastructure, SaaS, data, financial, or customer-facing side effects.
Faramesh is not a model gateway or prompt firewall. It focuses on the runtime action boundary: whether an agent is allowed to call a tool, use a credential, invoke an API, or continue a workflow. Decisions are recorded through local audit/evidence primitives so operators can debug, replay, and verify what happened. The in-scope project includes the runtime, policy engine, Faramesh Policy Language (FPL), SDKs, registry, docs, and local audit/evidence basics.
The project is early but active, with the primary repository currently at 91 GitHub stars, 17 forks, and 8 listed contributors.
Org repo URL (provide if all repos under the org are in scope of the application)
N/A - not all repositories under https://github.com/faramesh are in scope of this application.
Project repo URL in scope of application
https://github.com/faramesh/faramesh-core
Additional repos in scope of the application
https://github.com/faramesh/faramesh-docs
https://github.com/faramesh/faramesh-registry
https://github.com/faramesh/faramesh-python-sdk
https://github.com/faramesh/faramesh-typescript-sdk
https://github.com/faramesh/fpl-lang
https://github.com/faramesh/.project
Only these repositories are in scope. Other repositories in the GitHub organization are outside this application.
Website URL
https://faramesh.dev
Roadmap
https://github.com/faramesh/faramesh-core/blob/main/ROADMAP.md
Roadmap context
The roadmap focuses on:
CNCF readiness and neutral project governance;
a stable decision plane contract for SDKs, MCP proxies, API gateways, and adapters;
a context-aware policy engine with deterministic evaluation;
MCP and API governance for agent action surfaces;
evidence, audit, and replay workflows;
neutral community registry growth;
deployment hardening for local, Kubernetes, CI/CD, and serverless environments.
Contributing guide
https://github.com/faramesh/faramesh-core/blob/main/CONTRIBUTING.md
Code of Conduct (CoC)
https://github.com/faramesh/faramesh-core/blob/main/CODE_OF_CONDUCT.md
Adopters
No formal adopters file yet. Current adoption is individual developers only.
Maintainers file
https://github.com/faramesh/.project
Security policy file
https://github.com/faramesh/faramesh-core/blob/main/SECURITY.md
Standard or specification?
Faramesh includes FPL, the Faramesh Policy Language, which is a project-owned policy language for agent action governance. The language specification and conformance work live in:
https://github.com/faramesh/fpl-lang
FPL is not being submitted as an external standards body specification.
Business product or service to project separation
Faramesh may be used by commercial products or services, including products built by maintainers or third parties. The in-scope Faramesh project is intended to remain independently useful as an open source runtime, policy language, SDK, registry, and documentation set.
Commercial offerings may package, support, host, or integrate with Faramesh, but they do not control project governance and are not required for the open source decision path. Development for the donated project will remain in public repositories with DCO-based contribution flow, public review, and maintainer governance. Enterprise control planes, managed connector catalogs, hosted sandboxes, multi-tenant UI platforms, fleet management, SSO/RBAC/SCIM, premium integrations, and commercial support offerings are outside the project scope unless separately contributed in the future.
Why CNCF?
AI agents are increasingly being deployed in cloud native environments: Kubernetes clusters, CI/CD systems, serverless runtimes, internal platforms, developer environments, and SaaS-integrated workflows. These systems need the same qualities the cloud native ecosystem has built for other production workloads: declarative control, workload identity, least privilege, observability, auditability, portability, and neutral governance.
CNCF is the right home for Faramesh because the project sits at the intersection of runtime authorization, workload identity, policy-as-code, observability, and cloud native operations. A neutral foundation home would help Faramesh avoid becoming a single-vendor control surface for agent security and would encourage broader participation from platform, security, AI infrastructure, and agent framework communities.
Benefit to the landscape
Faramesh adds a focused runtime action-governance layer for AI agents. Existing cloud native projects cover adjacent layers: service networking, API gateways, workload identity, observability, admission control, and general policy. Faramesh addresses the agent-specific question: before an agent performs a tool/API/MCP action, should this action be permitted, denied, deferred for human approval, rate limited, budget checked, credential scoped, and recorded as evidence?
This benefits the landscape by giving teams a portable and deterministic enforcement point for agent side effects, without requiring a hosted service in the decision path.
Cloud native 'fit'
Faramesh is cloud native because it is designed for dynamic, distributed workloads that need policy, identity, observability, and operational safety:
it runs locally with agents as a daemon/proxy/SDK integration path;
it can be deployed in developer environments, CI/CD, Kubernetes, serverless, and other runtime environments;
it supports workload identity patterns such as SPIFFE/SVID, OIDC, and cloud workload identity;
it records local evidence and audit data before actions complete;
it supports policy-as-code workflows through FPL and registry imports;
it can integrate with external audit and observability systems without placing them in the enforcement path.
Cloud native 'integration'
Faramesh can complement:
Kubernetes: deployment target for agents and Faramesh sidecars/daemons.
OpenTelemetry: export path for runtime health, metrics, traces, and decision observability.
SPIFFE/SPIRE: workload identity for agents and policy subjects.
Envoy and API gateway patterns: adjacent API enforcement surface; Faramesh focuses on agent action decisions.
OPA: general-purpose policy ecosystem; Faramesh can consume or complement external policy/context while specializing in agent tool-call decisions.
Cloud native overlap
Faramesh overlaps partially with several CNCF areas but has a narrower agent-action focus:
OPA/Gatekeeper/Kyverno: general policy/admission control. Faramesh focuses on runtime agent tool/API/MCP decisions rather than Kubernetes admission alone.
Envoy/API gateway projects: API request mediation. Faramesh focuses on the agent action semantics and evidence path around tool calls.
OpenTelemetry: observability data. Faramesh produces decision/evidence data that can be exported to observability systems.
SPIFFE/SPIRE: workload identity. Faramesh uses identity as policy input rather than replacing identity infrastructure.
Similar projects
Similar or adjacent projects include:
Open Policy Agent / Rego
Cedar / Amazon Verified Permissions
Cerbos
OpenFGA
Aserto
Envoy ext_authz-style authorization systems
MCP gateway and agent gateway projects
model gateway and LLM guardrail products, which are adjacent but operate at a different layer
Faramesh differentiates by focusing on deterministic, local, pre-execution authorization for AI agent actions across tool calls, MCP/API operations, credentials, audit evidence, and policy-as-code.
Landscape
No, Faramesh is not currently listed on the CNCF Cloud Native Landscape.
Insights
No, Faramesh is not currently listed on LFX Insights.
Trademark and accounts
IP policy
Will the project require a license exception?
N/A. In-scope code repositories have been updated to Apache-2.0. Documentation is licensed under CC-BY-4.0. The project does not expect to require a license exception for project code. Dependency license review can be completed during onboarding through CNCF-supported tooling.
DCO has been enabled for the Faramesh GitHub organization.
Project "Domain Technical Review"
No formal TAG review has been completed yet. The project would welcome review from relevant CNCF TAGs, especially around security, runtime, identity, observability, and AI-related cloud native operations.
Application contact email(s)
support@faramesh.dev, amjad@faramesh.dev, mjaad7z@proton.me
Contributing or sponsoring entity signatory information
Individual signatory:
There is no company or legal entity submitting this application at this time.
POLAK-K is a maintainer account and is not listed as an asset owner/signatory.
CNCF contacts
The project maintainers identified Lin Sun as familiar with the project:
https://www.linkedin.com/in/ACoAAABLihcBuozqLyftNtauegAdN2-QszsmqQQ
This is not presented as TOC sponsorship.
Additional information
The project has prepared the following CNCF-readiness items before filing:
Apache-2.0 licensing for in-scope code repositories;
CC-BY-4.0 licensing for documentation;
DCO-based contribution policy;
org-wide DCO app installation;
security policy with GitHub Security Advisory and security@faramesh.dev reporting paths;
governance, maintainer, roadmap, Code of Conduct, and .project metadata;
project/product separation cleanup in the in-scope repositories;
neutral community registry scope.
The project understands that it cannot represent itself as donated, contributed, accepted, or an official CNCF project until the CNCF process is complete.