Evidra – Fail closed kill-switch for AI agents running kubectl/terraform

Hi guys, I recently asked an AI agent to delete an unused folder. It used a broad pattern match and removed more than I intended. Technically it did what I asked — but not what I meant. I clicked "yes" too quickly. Luckily I had a backup. That was just files. Now imagine the same semantic mismatch applied to kubectl delete or terraform apply. This got me thinking about pre-execution guardrails for AI agents working with infrastructure. So I built Evidra — an MCP server that evaluates operations against deterministic OPA policy before execution. If an operation looks dangerous (protected namespaces, mass deletions, public S3, wildcard IAM, etc.), it blocks it. There’s no LLM in the evaluation loop. GitHub: https://github.com/vitas/evidra I intentionally kept the policy scope narrow. This isn’t a full compliance engine — it focuses only on high-impact disaster scenarios. The goal is to keep it lightweight while preventing catastrophic mistakes, so teams can experiment with AI in ops more