
The Agent Firewall for High-Stakes AI

Deploy autonomous AI agents in legal, finance, and compliance — with the guardrails, approvals, and audit trails that regulators demand.

✓ Self-hosted (your infrastructure) • ✓ Apache 2.0 open source • ✓ Production-ready in 2-4 weeks

What You Get

🛡️

Policy Enforcement

ALLOW, DENY, or ESCALATE decisions based on manifests, budgets, and risk hooks. Non-bypassable enforcement at the action boundary.

👤

Human Approvals

High-risk actions escalate to operators for review. Web UI + API with 5-minute SLA. Full audit trail of every decision.

📜

Tamper-Evident Logs

Hash-chained, Ed25519-signed interaction records. Cryptographically verifiable audit logs for regulators and courts.


What Customers Say

"The pilot paid for itself in the first month."
Managing Partner, IP Litigation Boutique
"Got to production in 3 weeks. The audit trail was exactly what regulators wanted."
CTO, Series B Fintech
"We can finally say 'yes' to AI agents without sacrificing governance."
Director of Compliance, Regional Bank

See It In Action

Every agent action flows through the gateway for policy enforcement and audit logging.

# Agent proposes action
# ($GATEWAY_URL is a placeholder for your gateway's base URL)
curl -X POST "$GATEWAY_URL/gateway/execute" \
  -H "X-API-Key: $KEY" \
  -d '{
    "uapk_id": "settlement-bot",
    "action": {
      "type": "legal",
      "tool": "send_settlement_offer",
      "params": {"amount": 5000}
    }
  }'

# Gateway response
{
  "decision": "ALLOW",
  "executed": true,
  "interaction_id": "int-abc123"
}

What Just Happened?

  • Manifest check: Is settlement-bot registered?
  • Capability check: Can it send settlements?
  • Budget check: $5K under $50K threshold
  • Policy check: Passed all rules
  • Executed via connector
  • 📝 Logged with hash chain + signature
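
The check sequence above, sketched as an added example (not UAPK Gateway's own code): the manifest layout, record fields, and function names are assumptions, and the $50K threshold is the one quoted on this page. Every decision, including DENY, is appended to a SHA-256 hash chain, and `verify` reports the first record that no longer matches.

```python
import hashlib, json

# Constructed manifest: the agent id and tool come from the page's request;
# the field names and layout are assumptions for illustration.
MANIFESTS = {"settlement-bot": {"tools": {"send_settlement_offer"}, "auto_limit": 50_000}}
GENESIS = "0" * 64

def decide(request):
    """Return (decision, reason), running the checks in the order listed above."""
    manifest = MANIFESTS.get(request.get("uapk_id"))
    if manifest is None:
        return "DENY", "manifest: agent not registered"
    action = request.get("action", {})
    if action.get("tool") not in manifest["tools"]:
        return "DENY", "capability: tool not granted"
    amount = action.get("params", {}).get("amount")
    if type(amount) not in (int, float) or not amount > 0:  # also rejects NaN and bools
        return "DENY", "budget: amount missing or invalid"
    if amount > manifest["auto_limit"]:
        return "ESCALATE", "budget: above auto-approve threshold"
    return "ALLOW", "all checks passed"

def record_hash(prev_hash, body):
    # Canonical JSON so the same record always hashes to the same value.
    data = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + data).encode()).hexdigest()

def append(log, request):
    """Log the decision, chained to the previous record, and return it."""
    decision, reason = decide(request)
    body = {"request": request, "decision": decision, "reason": reason}
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"prev": prev, "body": body, "hash": record_hash(prev, body)})
    return decision

def verify(log):
    """Return the index of the first broken record, or -1 if the chain is intact."""
    prev = GENESIS
    for i, rec in enumerate(log):
        if rec["prev"] != prev or rec["hash"] != record_hash(prev, rec["body"]):
            return i
        prev = rec["hash"]
    return -1

def offer(agent, amount):
    # Constructed request in the shape of the curl body shown on this page.
    action = {"type": "legal", "tool": "send_settlement_offer", "params": {"amount": amount}}
    return {"uapk_id": agent, "action": action}
```

A hash chain alone does not reveal removal of the newest records or a rewrite of the entire log; signing the chain head covers that, and it is left out here because Python's standard library has no Ed25519.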

Before vs After UAPK Gateway

❌ Without UAPK

  • Compliance blocks every agent deployment
  • "Who authorized this?" (no attribution)
  • "Can we prove it in court?" (no audit trail)
  • "How do we stop it?" (no kill switch)
  • Months of back-and-forth with legal/compliance
  • Vendor logs (90-day retention, not court-admissible)

✓ With UAPK

  • Policy enforcement: ALLOW/DENY/ESCALATE
  • Attribution: Every action traced to agent + manifest
  • Court-ready logs: Hash-chained, Ed25519 signed
  • Human approvals: High-risk actions reviewed
  • Production in 2-4 weeks: Fixed-fee pilot
  • Your evidence: Self-hosted, indefinite retention

The "47ers" Library

Pre-built governance templates for common workflows

⚖️ Legal

  • IP Settlement Gate: Auto-negotiate up to $50K, escalate above
  • DMCA Takedown: 200 notices/day with compliance tracking

💰 Finance

  • Trading Gate: $10K auto-execute, $100K daily cap
  • KYC Onboarding: Risk-based routing + sanctions screening

🔒 Compliance

  • Vendor Due Diligence: Automated risk assessment
  • Email Guard: Rate limits + recipient validation

Why UAPK Won't Be Obsolete

Model vendors will improve. Your governance requirements won't change.

🎯 Model-Agnostic by Design

UAPK governs actions at the boundary to real systems. It doesn't care which model you use (GPT-4, Claude, Llama, Gemini).

🏛️ Regulation Requires It

SOC2, GDPR, SEC audits require organization-owned evidence. "Check the OpenAI logs" doesn't work in court.

Ready to Ship Agents Safely?

Choose your path to production

🔬 Self-Host (Free)

Deploy in 5 minutes with Docker Compose

Apache 2.0 • Full source code • Community support

Start Now

🚀 Pilot Program

Production-ready in 2-4 weeks with expert help

$15K-$25K fixed fee • Manifests + training + 30-day support

Book Pilot