Kintsugi acts as a security chokepoint for AI agents, intercepting dangerous terminal commands and allowing users to approve, deny, or undo actions via a live TUI. It features deterministic rule-based blocking, filesystem snapshots for reversibility, and a tamper-evident hash-chained audit log.