Driss Amiroune Kryscekk
Kryscekk
/ 01_tool_registry.py
Created
May 15, 2026 13:45
Triple defense in depth for production AI agents — companion snippets to the Dev.to article
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Snippet 1 — Bot tool registry (read-only by construction) | |
| ========================================================== | |
| This is the entire surface area of what the Telegram bot's Claude | |
| can do. Anything not in this list does not exist for that agent. | |
| Notice what is NOT here: | |
| - No `create_*` or `update_*` or `delete_*` tools on business data | |
| - No `run_sql` or `execute_query` |
Kryscekk
/ 01_tool_registry.py
Created
May 15, 2026 13:40
Triple defense in depth for AI agents — tool registry, blocking state machine, provenance trail (anonymised, ~17k LOC origin)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Snippet 1 — Bot tool registry (read-only by construction) | |
| ========================================================== | |
| This is the entire surface area of what the Telegram bot's Claude | |
| can do. Anything not in this list does not exist for that agent. | |
| Notice what is NOT here: | |
| - No `create_*` or `update_*` or `delete_*` tools on business data | |
| - No `run_sql` or `execute_query` |