claiim
Get startedRequest preview
Product

Govern AI agents before they act.

CLAIIM gives every AI agent a governed identity, binds it to a human accountability anchor, checks every action against policy, and records every ALLOW or DENY in Chron.

Try public previewRead onboarding
The problem

AI agents are acting. Most orgs cannot answer:

  • Which agent acted?
  • Who authorized it?
  • Was it allowed by policy?
  • What skill governed the action?
  • What proof exists afterward?

CLAIIM makes every one of those questions answerable before the action and after it.

The CLAIIM model

Three parts. One control plane.

01

Agent Identity

Every agent has a governed identity, a lifecycle state, and a human accountability anchor. The human who sponsors an agent is recorded in every gate decision. That sponsorship cannot be disclaimed.

02

Policy Gate

Every agent action passes through the gate before it happens. The gate checks identity, skill scope, and active policies. It returns ALLOW or DENY with a reason. Nothing bypasses it.

03

Chron Proof

Every gate decision -- ALLOW and DENY -- is written to Chron immediately. Chron is designed as an append-only audit trail. The record exists before the action completes.

The shift

From ungoverned to accountable.

Without CLAIIM

ungoverned path

Agentdeploy-bot
direct API call
External Serviceproduction API
action executes
Log (after the fact)audit log
xNo proof an action was authorized
xEvery agent can act if it has credentials
xLogs appear after damage is done

With CLAIIM

governed path

Agentdeploy-bot
gate request
CLAIIM Gatepolicy check
Identity
Skill
Policy
ALLOW / DENY
External Serviceproduction API (ALLOW only)
proof recorded
Chronimmutable proof
outcomeALLOWanchors.kondepudipolicystaging-v3
+Human anchor on every decision
+Policy checked before execution
+Proof exists before action completes
How it works

Gate your first agent in 10 minutes.

1
Provision agentRegister the agent in CLAIIM. Assign it to an organizational boundary and bind it to a human accountability anchor.
2
Define skill and policyCreate a versioned skill: the email identity, system prompt, allowed actions, and forbidden actions. Set org-wide policies for what agents may never do.
3
Gate every actionYour agent calls the gate before acting. CLAIIM checks identity, skill scope, and active policies. The agent receives ALLOW or DENY with a reason. The gate is fail-closed.
4
Review Chron proofEvery decision is recorded with agent, human anchor, organizational boundary path, skill version, and policy version. Auditors and regulators see the full chain.
Controls that matter

Built for accountability, not just visibility.

Human accountability anchor

Every agent is sponsored by a named human. Their identity travels with every gate decision. Regulators see both the agent and the person who authorized it.

Organizational boundaries

Agents belong to an organizational boundary called an AIORG. Agents cannot cross boundaries unless explicitly granted. Hierarchy is enforced at the gate.

Versioned skills and policies

Every change to a skill or policy creates a new version. Agents hold a pinned version -- silent updates are not possible. Chron records which version governed each decision.

Two-person control for privileged changes

Sensitive management operations require a second admin to approve. All actions inside the elevated window are tagged in Chron with the session ID.

Deployment

Runs in your environment.

CLAIIM deploys inside your infrastructure and uses your database. Chron, policies, agent records, and gate decisions remain under your control. Nivaya does not receive agent activity data.

Read install guide
Your infraDocker Compose or Kubernetes
Your databasePostgreSQL you control
No data leavesNivaya receives no agent activity
Availability

Evaluation Preview now. Professional and Sovereign coming.

Evaluation Preview

Available now
  • Gate enforcement and Chron
  • Organizational hierarchy
  • Versioned Skills and Policies
  • Two-person control
  • Admin UI
  • Docker Compose install
  • Python SDK
Single nodePostgreSQL onlyEmail and password auth

Professional

In development
  • Everything in Evaluation Preview
  • Kubernetes Helm chart
  • Active-active HA
  • SAML and OIDC federation
  • MSSQL support
  • Cross-org grants UI

Sovereign

In development
  • Everything in Professional
  • Air-gap operation
  • mTLS agent mesh
  • Signed USB update bundles
  • EU AI Act evidence pack
  • ISO 42001 evidence pack
  • DORA incident trail

Ready to gate your first agent?

Try public previewRead onboardingBook walkthrough