Any OpenAI-compatible provider works - OpenRouter, Azure OpenAI, Groq, Together, etc. Clampd intercepts tool calls after the LLM responds, so it doesn't matter which provider you use.
This is the "agent with a hammer" problem. The agent is optimized to make changes, so it changes things even when it shouldn't. What's missing is a feedback loop that says "your change made things worse."
It's great to see more security-critical software being built in Rust. Memory safety in crypto code is exactly where Rust shines; one use-after-free in an HSM and your keys are gone. How are you handling side-channel resistance?