
The AI-to-Action Protocol: Architecture of Trust

The Myrmex architecture is designed to solve the “Orchestration Challenge”: how to let an AI operate your most critical infrastructure without ever compromising security, stability, or truth. Instead of a black box, Myrmex uses a transparent, 7-layer protocol that ensures every action is authorized, encrypted, and verified against the Ground Truth of the operating system.
[Figure: AI to Action Flow]

🏗️ The 7-Layer Security Model

Every request from the AI Mind to the physical Endpoint Agent travels through these rigorous validation layers:

1. Intent Analysis (AI Layer)

Perseus or Hydra analyzes the user’s natural language request. It selects the specific EDR Primitive required and prepares the parameters.

2. Authorization (Platform Layer)

The Platform API validates the user’s JWT, environment scope, and device-specific permissions against the IAM policies. If the user isn’t authorized to “Kill Process” on that specific server, or a Security Policy blocks the request (e.g., outside business hours), the request is rejected before it ever enters the tunnel.

3. Route to Tunnel

The platform identifies the specific myrmex-tunnel service where the agent is currently connected via WebSocket.

4. End-to-End Encryption

The command is serialized and encrypted using AES-256-GCM. The platform uses a unique key per agent, ensuring that even if the tunnel itself were compromised, the commands remain unreadable, and any tampering is detected when the agent decrypts them.
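
An added sketch in Go of the per-agent AES-256-GCM sealing that layer 4 describes, showing a frame altered inside the tunnel being rejected; it is not Myrmex code. The frame layout (nonce, ciphertext, tag), the agent ID bound as associated data, the random key and the sample command are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal returns nonce || ciphertext || tag; agentID as associated data is this sketch's assumption.
func Seal(key []byte, agentID string, cmd []byte) ([]byte, error) {
	g, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize()) // fresh random 96-bit nonce for every frame
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, cmd, []byte(agentID)), nil
}

// Open verifies the GCM tag (and the bound agent ID) before releasing any plaintext.
func Open(key []byte, agentID string, frame []byte) ([]byte, error) {
	g, err := aead(key)
	if err != nil {
		return nil, err
	}
	if n := g.NonceSize(); len(frame) >= n+g.Overhead() {
		return g.Open(nil, frame[:n], frame[n:], []byte(agentID))
	}
	return nil, fmt.Errorf("frame too short: %d bytes", len(frame))
}

func main() {
	key := make([]byte, 32) // constructed per-agent key, not a real provisioning flow
	rand.Read(key)
	frame, _ := Seal(key, "agent-a", []byte(`{"primitive":"get_service_status"}`))
	frame[len(frame)-1] ^= 1 // one bit flipped inside a compromised tunnel
	_, err := Open(key, "agent-a", frame)
	fmt.Println("tampered frame rejected:", err != nil)
}
```

The same `Open` call also fails when the frame is presented with another agent's key or another agent's ID, which is what limits a compromised tunnel to dropping or delaying frames rather than reading or rewriting them.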

5. Execution Gateway (Ruler)

The Agent’s Ruler Engine receives the command. It performs a final local check:
  • Is the command compatible with this OS version?
  • Are the required privileges (root/admin) available?
  • Does the command fall within safety resource limits?

6. Local OS Execution

The command is executed via native OS APIs (PowerShell, Bash, or Zsh). Zero Persistence: No scripts are written to disk; execution happens in-memory or via direct syscalls.

7. Ground Truth Return

The raw OS response (stdout, stderr, exit codes) is captured, encrypted, and streamed back. The AI never simulates data—it only reasons based on this verified “Ground Truth.”

🧠 Core Philosophy: Ground Truth Only

The most dangerous failure in AI orchestration is “hallucination”—the AI assuming a system state that doesn’t exist. Myrmex architecture is built to prevent this:
  • No Assumptions: If an agent asks for a file list and the network fails, the AI reports a “Connectivity Failure,” never a guess.
  • Verification Loop: After a “Restart Service” command, the agent automatically waits and executes a “Get Service Status” to verify the success before reporting back to the user.
  • Deterministic Primitives: We provide 100+ fixed functions rather than “free-form shell access” where possible, reducing the risk of unintended side effects.

📊 Operational Resilience

| Phase | Component | Security Guarantee |
|---|---|---|
| Request | Perseus / Hydra | Validated Intent |
| Transport | Secure Tunnel | TLS 1.3 + AES-256-GCM |
| Execution | Endpoint Agent | In-Memory (No Persistence) |
| Verification | Syncer Engine | Ground Truth Validation |

By separating the Mind (Cloud reasoning) from the Body (Local execution), Myrmex ensures that your sensitive data stays within your network while gaining the full power of global AI intelligence.