Foreman

Bad agents always blame their tools. Foreman doesn't care.

One skill for agent-tool safety. Foreman inspects tool ideas, schemas, MCP servers, OpenAPI actions, and pull requests. If the model can invent authority, cross tenants, send messages, move money, delete records, run code, or hide behind payload: any, work stops until the boundary is safe.

$npx skills add blairhudson/foreman --skill foreman
View on GitHub
Defensive Tool Design book cover

Defensive Tool Design

The key to building better AI agents.

Foreman was built from this book. It takes the lessons and turns them into one practical skill you can run against tool ideas, schemas, MCP servers, workflows, and PRs.

The book shows how to put safety into the tool itself: purpose, schema, permissions, side effects, approvals, retries, audit trails, observability, and evals. Prompts can ask for care. Boundaries make care enforceable.

Buy KindleBuy Paperback

About the author:Blair Hudson is an Australian AI and software engineering leader working on generative AI at one of Australia's largest banks. His work sits where agents, platform engineering, software architecture, security, and regulated production systems meet.