Zora Agent:local AI agent that can't be hijacked mid-task by context compaction

github.com

1 points by ryaker 2 months ago · 2 comments


ryaker OP 2 months ago

Built this after watching agents go rogue because their safety instructions got compressed away mid-task. Summer Yue's inbox incident this week is exactly the failure mode I designed around.

The core problem: "confirm before acting" lives in chat history. Chat history gets compacted. Instruction disappears. The agent keeps going.

Zora uses HMAC-SHA256 signed intent capsules that travel separately from the conversation context. Compaction can't touch them. The original mandate stays intact no matter how long the task runs.

Three commands to try it:

npm i -g zora-agent
zora init
zora ask "summarize files in ~/Projects"

Multi-model with automatic failover (Claude, Gemini, Ollama). Policy file controls exactly what it can touch. Full audit log. OWASP LLM Top 10 hardened. MIT.

Happy to answer questions about the security architecture.

jessekanner 2 months ago

This looks like serious improvement. Worth a serious look and evaluation.
