UltraSushiTron mascot

Your AI. Your Secrets.
Your Control.

A security-first AI agent framework where humans approve every secret access. Zero-knowledge architecture means your AI never sees plaintext secrets.

Get Started View Docs

Capabilities

Built for Security, Designed for Developers

Every layer is designed to keep secrets safe while letting AI agents do their work.

πŸ”

Isolated Secrets Agent

Secrets live in a separate Rust microservice with no network access. Unix socket only. Air-gapped by design.

πŸ‘

Context-Aware Approvals

See exactly what your AI wants to do with a secret before granting access. Full context, no blind trust.

🚫

Zero-Knowledge Core

The AI core never sees plaintext secrets. Encrypted values are injected only after user approval, then wiped.

🧩

Typed Plugin System

Four plugin types (Tool, Channel, Provider, Memory) with capability-enforced WASM sandbox and marketplace security pipeline.

πŸ”—

Hash-Chained Audits

Every action is recorded in a tamper-proof, Ed25519-signed, hash-chained audit log. Full accountability.

🧠

Semantic Memory

AES-256-GCM encrypted memory store with vector search. Categorized as Learning, Decision, Pattern, Solution, or Error.

⏰

Task Scheduler

Cron-based scheduled tasks for memory consolidation, cleanup, and custom jobs with execution logging.

πŸ› 

11 Built-in Tools

Read, Write, Edit, Bash, Grep, Glob, HttpFetch, WebSearch, Diff, Patch, ListDir β€” everything an agent needs.

Architecture

Multi-Zone Security Architecture

Defense in depth with three isolated security zones.

πŸ“±
Zone 0 β€” Secure Enclave
Mobile App
Secret approval, admin dashboard, push notifications, biometric auth
WebSocket + E2E Encryption
πŸ”’
Zone 1 β€” Air-Gapped
Secrets Agent
SQLite vault, AES-256-GCM encryption, Unix socket only
Unix Socket (gRPC)
πŸ€–
Zone 2 β€” Full Access
AI Core
LLM orchestration, 11 tools, WASM sandbox for plugins

How It Works

See It in Action

A tool requests a secret β€” the user approves on their phone β€” the agent continues.

Agent requests API key json 
{
  "tool": "HttpFetch",
  "arguments": {
    "url": "https://api.example.com/data",
    "method": "GET",
    "headers": {
      "Authorization": "Bearer {{secret:api_key}}"
    }
  }
}
User receives approval request text 
πŸ“± Secret Request
─────────────────────────
Secret: api_key (API_KEY)
Tool:   HttpFetch
Reason: GET https://api.example.com/data
Duration: One-time use

        [Approve]  [Deny]

Enterprise-Grade Cryptography

πŸ”‘ Ed25519 Signatures
πŸ”’ AES-256-GCM
🀝 X25519 ECDH
🧊 Argon2id KDF
🧩 WASM Sandbox
πŸ“‹ SHA-256 Hash Chains

Integrations

Manage Secrets From Your Chat

Bidirectional chat connectors let your team request, approve, and rotate secrets without leaving their favorite platform.

Slack

Slash commands with Block Kit responses, thread replies, and interactive approval workflows.

Channel Plugin

Telegram

Inline bot commands with HTML formatting, reply threading, and real-time notifications.

Channel Plugin

Discord

Slash commands with rich embeds, ephemeral responses, and color-coded status indicators.

Channel Plugin

Mobile App

Manage sessions, approve secret requests, and chat with your AI agent directly from your phone.

Mobile App

Ready to Take Control?

Get started with UltraSushiTron in minutes.

Install bash 
git clone https://github.com/jaikoo/UltraSushiTron.git
cd UltraSushiTron
cargo build --release
Read the Docs