claiim
Get startedRequest preview
Public preview

Govern AI agents before they act.

CLAIIM gives every AI agent a governed identity, binds it to a human accountability anchor, checks every action against policy, and records every ALLOW or DENY in Chron.

Try public previewSee how it works
ALLOW / DENYGate outcome
ChronAction log
10 minInstall proof
Chron / gate decisionsLIVE
Agent identitydeploy-bot
Accountability anchordevlead@engineering
ALLOWAgentdeploy-botActiondeploy:stagingResolutionOWN_AIORG
DENYAgentdeploy-botActiondeploy:productionResolutionpolicy deny
Why now

AI agents are moving from chat to action.

Governance must move from policy documents to runtime enforcement.

From chat to action

AI agents no longer just answer questions. They call APIs, commit code, send emails, and move money. Most are doing it without any runtime control layer.

IAM does not cover intent

Normal identity and access management can grant or deny a service account. It cannot evaluate whether an agent action was inside its assigned scope or who is accountable for it.

Logs are too late

Audit logs show what happened. They do not show whether it was allowed before it happened. CLAIIM enforces policy at execution time and records proof immediately after.

Identity before action. Policy before execution. Proof after every decision.

How the gate works

Understood in seconds.

Every agent action enters the gate. Identity, skill scope, and active policies are checked. ALLOW or DENY is returned with a reason. Every decision is written to Chron before the action completes.

Agentdeploy-botaction: deploy:staging
gate request
CLAIIM Gate
Identity
Skill scope
Active policies
ALLOW
DENY
Chron proof
outcome
ALLOW
agent
deploy-bot
anchor
s.kondepudi
policy
staging-v3
What CLAIIM does

Four outcomes. One control plane.

CLAIIM sits between human authority and AI action. Every agent action is checked before it happens and recorded after it happens.

Stop unauthorized actions before execution

Every agent action passes through the CLAIIM gate before it happens. ALLOW or DENY is returned with a reason. Nothing bypasses the gate.

Bind every agent to a human owner

Every agent is sponsored by a named human accountability anchor. Their identity is recorded in every gate decision. That sponsorship cannot be disclaimed.

Prove every ALLOW and DENY decision

Chron is an append-only audit trail. Every gate decision -- ALLOW and DENY -- is written immediately with agent, anchor, skill, policy, and outcome.

Keep all governance data in your environment

CLAIIM deploys in your infrastructure. Your database. Chron records, policies, and agent data never leave your environment.

Use cases

Start with one agent. Prove the boundary.

The strongest first deployment is a narrow agent with one allowed path and one blocked path. Chron gives the proof a security team can review.

DevOps Agent

ALLOW deploy:stagingDENY deploy:production

Let deployment agents work in staging while proving production actions were blocked.

Code Review Agent

ALLOW pull_request:commentDENY pull_request:merge

Allow review assistance without letting the agent approve or merge code.

Support Agent

ALLOW ticket:draft_responseDENY refund:issue

Let agents prepare customer work while keeping irreversible actions human-owned.

Finance Agent

ALLOW report:readDENY payment:approve

Give agents reporting access without letting them approve payments or move money.

Public preview

The gate is ready. Evaluate it now.

Core enforcement is complete: gate, Chron, versioned skills and policies, and human accountability anchors. Enterprise hardening continues toward GA.

Included now

  • Gate enforcement for agent actions
  • Organizational boundaries and cross-org grants
  • Versioned Skills and active Policies
  • Two-person control for privileged management
  • Chron proof for ALLOW and DENY decisions
  • Docker Compose public-preview install

Not GA yet

  • Public preview, not GA
  • Single-node deployment path today
  • Email/password preview auth
  • Sovereign air-gap and full IdP federation still hardening
Get started

Deploy inside your environment.

CLAIIM public preview ships with a guided local deployment and an agent rehearsal that proves policy-gated action in minutes. Bring one AI agent, define what it may do, and see every ALLOW or DENY recorded in Chron.

Try public previewBook walkthroughRead install guide
Runs in your environment

Public preview deploys locally or in your own infrastructure. No cloud account required. No data leaving your environment.

Guided agent rehearsal

A built-in rehearsal provisions a sample agent, defines what it may and may not do, and runs both paths through the gate.

Chron proof before you write a line

Every ALLOW and DENY is recorded in Chron with agent identity, accountability anchor, policy version, and skill version.