Become a sponsor to Fabio Marcello Salvadori
π€ Open building blocks to secure and optimize AI agents
Hi, I'm Fabio. I maintain a small set of open, Apache-2.0 tools that make AI
agents safer to trust and cheaper to run. Your sponsorship keeps them
maintained, signed, and independent. π
π‘οΈ Safety: trust what the agent does
- PIC Standard (flagship).
Agents must prove intent, provenance, and evidence before any high-impact
tool call. Fail-closed against prompt injection and hallucinated actions. - command-scope-contract.
Bounded shell and CLI execution for agents: policy-gated, hardened runtime,
signed receipts.
β‘ Performance: run agents leaner
- ghost-reader.
Token-frugal web reading for agents, around 20x fewer input tokens than
browser-everything approaches. - NCP (Neural Computation Protocol).
Composable, sandboxed execution graphs for faster, replayable agent runs.
Where your sponsorship goes
- π CI and the cross-implementation conformance and test suites
- π Release signing (Sigstore and SSH) and supply-chain integrity
- π Independent security review of the trust and causal logic
- π§° Ongoing maintenance across all four repos
Two fronts, one mission: agents you can trust, running at a cost you can afford.
Thanks for helping keep this work open. π
Help me keep maintaining my open-source toolkit for AI agents, on both fronts: safety (PIC Standard, command-scope-contract) and performance (ghost-reader, NCP). Sponsorships fund CI, release signing, conformance tests, and security review across all four Apache-2.0 repos. Every sponsor keeps this work open and independent. π
Featured work
-
madeinplutofabio/neural-computation-protocol
Neural Computation Protocol (NCP): composable, sandboxed Bricks + graphs for auditable, replayable agentic systems.
Rust 14 -
madeinplutofabio/command-scope-contract
Bounded shell and CLI execution for AI agents: structured contracts, policy-gated execution, hardened Linux runtime enforcement, and signed receipts.
Python 1 -
madeinplutofabio/ghost-reader
Token-frugal web reader for AI agents. Staged extraction (raw HTML β embedded framework JSON β browser fallback) cuts agent input tokens by ~20Γ vs browser-everything approaches.
HTML
0% towards 10 monthly sponsors goal
Be the first to sponsor this goal!
$5 a month
SelectSupporter π
Back open, Apache-2.0 tooling for safer and leaner AI agents (PIC Standard, command-scope-contract, ghost-reader, NCP).
- Sponsor badge on your profile
- My genuine thanks, and you help keep this work independent
$25 a month
SelectBuilder
For developers and small teams using any part of the stack.
- Your name or small logo, with a link, in the backers section of all four repo READMEs
- Listed in
BACKERS.md - Sponsor badge on your profile
$100 a month
SelectTeam
For companies relying on the stack.
- Your logo and link on the project site (madeinpluto.com/pic) and across all four repo READMEs
- Best-effort priority on your integration questions
- Everything in lower tiers
$500 a month
SelectStandards Partner
For organizations that want this work to succeed, and to be seen backing it.
- Prominent logo on madeinpluto.com/pic, across all four repo READMEs, and in the docs
- Credit in release notes
- Early input on the roadmap (PIC Impact Classes, NCP, command-scope)
- Everything in lower tiers
$1,300 a month
SelectIntegration Support
I join one of your team channels (Slack or Teams) and answer your engineers' questions on integrating and running PIC and the rest of the stack.
- Async, best-effort, usually within 1 to 2 business days (Europe/Rome hours)
- Covers integration, configuration, and usage
- Not a 24/7 SLA, not incident response, not custom feature development
- Month to month, cancel anytime
- Includes the Standards Partner recognition perks