CrabTrap: An LLM-as-a-judge HTTP proxy to secure agents in production
by pedrofranceschi on 4/21/2026, 3:29:16 PM
https://www.brex.com/journal/building-crabtrap-open-source
Comments
by: yakkomajuri
Really cool! I'm also building something in this space but taking a slightly different approach. I'm glad to see more focus on security for production agentic workflows though, as I think we don't talk about it enough when it comes to claws and other autonomous agents.

I think you're spot on with the fact that so far it's been either all or nothing. You either give an agent a lot of access and it's really powerful but proportionally dangerous or you lock it down so much that it's no longer useful.

I like a lot of the ideas you show here, but I also worry that LLM-as-a-judge is fundamentally a probabilistic guardrail that is inherently limited. How do you see this? It feels dangerous to rely on a security system that's not based on hard limitations but rather probabilities?
4/21/2026, 11:26:04 PM
by: roywiggins
It's all fine until OpenClaw decides to start prompt injecting the judge
4/22/2026, 12:20:52 AM
by: DANmode
We’re supposed to be fixing LLM security by adding a non-LLM layer to it,

not adding LLM layers to stuff to make them inherently less secure.

This will be a neat concept for the types of tools that come *after* the present iteration of LLMs.

Unless I’m sorely mistaken.
4/21/2026, 11:26:22 PM