Agentic Thinking Limited
⚠ Runtime governance readiness · EU, UK, US, SOC 2, ISO/IEC 42001 · pilots should start before enforcement pressure arrives

Runtime governance for AI agents and coding assistants in regulated enterprises.

Agentic Thinking builds AgentHook-aligned runtime governance software: HookBus routes agent evidence, AgentProtect enforces policy, and approval/audit subscribers prove what happened before and after consequential actions.

Built for organisations with a CISO, a DPO, and internal audit watching. Financial services. Insurance. Healthcare. Defence. Public sector. Internal IT departments where Claude Code, Cursor, Amp, Codex, and Copilot already touch regulated codebases. Anywhere agents or assistants now hold the keys.

Runtime governance for coding assistants and autonomous workflow agents.

See HookBus capture an agent action; AgentProtect apply a hard block, allow, or ask decision; the human-approval workflow route a reviewer decision; and AgentAuditor preserve the evidence trail. Fixed-price validation sprints are typically three days and can launch into a full pilot.

Agents and coding assistants are drifting in production.

AI agents run tool calls, write to production, handle customer data, browse admin systems, and execute CLI actions. Your developers have Claude Code, Cursor, Amp, Codex, and Copilot against regulated codebases. Your IT team runs coding assistants with access to secrets and infrastructure. Governance cannot wait for a final enforcement date: enterprises need pilots now so runtime evidence, approval, and control are already working when regulators, auditors, insurers, or procurement teams ask.

  • Readiness: Runtime evidence before enforcement pressure (EU, UK, US, internal audit)
  • SOC 2: Auditable agent decision trail required (Enterprise procurement gate)
  • ISO 42001: AI management system standard (Published December 2023)

Two products. One AgentHook-aligned governance architecture.

AgentHook is the open runtime evidence standard. Agentic Thinking implements it in working software. HookBus is the reference runtime router for AgentHook-compatible events. HookBus Enterprise is the full enterprise offering, with AgentProtect as the policy enforcement product inside it.

Product 1

HookBus

The AgentHook-aligned runtime router.

Routes AgentHook-compatible lifecycle evidence from AI agents and coding assistants to subscribers for governance, audit, cost tracking, memory, DLP, approval, and anything else you plug in. Vendor-neutral: works with Claude Code, Cursor, Amp, GitHub Copilot, Hermes, OpenClaw, Codex, Anthropic Agent SDK, OpenAI Agents SDK, and any HTTP-capable runtime.

  • HookBus Light: Apache 2.0, self-host, free for any organisation. Two MIT subscribers: AgentProtect, AgentSpend.
  • HookBus Enterprise: the full enterprise offering. Same Apache 2.0 bus, plus the Enterprise dashboard, AgentProtect, Auditor, DLP Filter, KB, Memory, human-approval workflow, Agent Delegated Approval, Compliance Notifier, commercial-use licence, support, and regulatory updates as the EU AI Act, DORA, and NIS2 evolve.
  • On-premise, VPC, or air-gap deployment

Product 2

AgentProtect

The Agent in the Loop.

When there is no human in the loop, AgentProtect is the Agent in the Loop. L1 deterministic policy gate backed by Microsoft AGT. L2 semantic intent verification can run against the enterprise's approved LLM, with Granite 4 3B validated locally. Sub-10ms L1 decisions. Local CPU deployment available. Policy, secondary-agent review, and human approval decisions become runtime evidence.

  • L1 + L2: deterministic patterns plus enterprise-approved LLM intent verification
  • Self-learning: L2 decisions promote to L1 patterns over time
  • Ships as a HookBus subscriber, governed on the bus

Aligned with standards. Not trying to replace them.

Agentic Thinking does not ask enterprises or runtime vendors to abandon their existing stack. We implement the AgentHook evidence model, align with OpenTelemetry pipelines, and integrate policy engines such as Microsoft AGT where they are the right control.

AgentHook

Open runtime evidence standard.

AgentHook defines the vendor-neutral event and evidence contract. HookBus is one reference implementation, not a required dependency.

OpenTelemetry

Observability-aligned evidence.

AgentHook evidence can map into traces, spans, events, and logs while preserving agent-specific semantics such as authority, approval, policy decision, and nested tool activity.

Microsoft AGT

Policy engine, not competitor.

AgentProtect uses Microsoft Agent Governance Toolkit as part of L1 policy enforcement, with Agentic Thinking adding runtime routing, decision loops, and evidence capture around it.

Vendor runtimes

Opportunity for native support.

OpenAI, Anthropic, Cursor, Windsurf, and other runtimes can expose AgentHook-compatible evidence without adopting HookBus or any Agentic Thinking product.

Who this is for.

Agentic Thinking speaks to the people responsible for the agent-in-production problem. Every block below maps to a real deliverable in the product, not a marketing line.

CISO

Know every action every agent takes.

Hash-chained audit trail across every agent runtime. Evidence your incident response team can actually subpoena.

DPO

Stop PII leaving the agent boundary.

DLP Filter subscriber redacts secrets and regulated data at envelope entry. GDPR / HIPAA / PCI scopes configurable.

Head of AI Governance

One governance layer across every LLM vendor.

Rules written once, enforced across Claude, GPT, Gemini, open-weights. Vendor portability built in.

Internal Audit

Evidence on demand.

Every decision, every override, every deny-wins consolidation, timestamped and exportable for the auditor.

Compliance

Map policy to the enforcement layer.

Regulation language translates to deterministic rules. L1 blocks before the tool call, no LLM discretion.

Finance

Agents at predictable cost.

AgentSpend tracks token usage per team, per agent, per session. Budget limits enforceable at the bus layer.

Bring your own LLM.

HookBus sits at the hook layer, not the inference layer. Governance runs at the bus; your models keep running wherever your enterprise has already standardised.

Private cloud

AWS Bedrock, Azure OpenAI, Google Vertex AI, IBM watsonx.ai

Self-hosted

Ollama, vLLM, llama.cpp, NVIDIA NIM

Provider-direct

Anthropic, OpenAI, Google, Mistral, Moonshot

1. Light tier runs with no LLM in the enforcement path. AGT deterministic safety net only. Free, fast, air-gap friendly. Enterprise tier is where semantic policy review joins in.
2. Only the AgentProtect L2 adapter ever calls the LLM. The LLM adapter is a separate, isolated service. AgentProtect holds no LLM keys and opens no outbound HTTPS to a provider. Your compliance team keeps one perimeter, not many.
3. Every LLM call the governance layer makes is itself audited on the bus. PreLLMCall, PostLLMCall, reasoning content, model, provider, token counts. Hash-chained. Exportable. Runtime evidence by construction, not by effort.

Built and tested, not just theorised. HookBus and AgentProtect were built and tested with IBM Granite 4 3B, proving the governance layer works with small enterprise-friendly models regulated teams can self-host. The same L2 path can use the enterprise's approved LLM, whether local, private cloud, or provider-hosted.

Publishers emit. The bus routes. Subscribers enforce.

Every AI agent and every coding assistant fires lifecycle events. HookBus captures them and routes to subscribers in parallel. Sync subscribers return verdicts (allow / deny / ask) and context. The publisher injects the consolidated result into the next turn. Deny wins.

  • Publishers: Claude, Amp, Hermes, OpenClaw, SDKs
  • HookBus: Agent event bus
  • Subscribers: AgentProtect, human approval, Agent Delegated Approval, Auditor, DLP, KB, Memory

Full protocol specification, install commands, subscriber gallery, and developer documentation at hookbus.com.

The platform in under two minutes.

Publishers. Bus. Subscribers. One bus captures every agent action and routes it to the subscribers that govern, enrich, protect, and audit.

Open to partnerships with AI runtime companies.

If you build an AI runtime, coding assistant, or agent framework and need a governance story your enterprise customers can buy, Agentic Thinking can help you implement AgentHook-compatible evidence, route it through HookBus where useful, and add AgentProtect policy and approval flows where customers need enforcement. White-label, OEM, per-seat, per-deployment, and native-standard-support models available.

White-label embedding

Your product ships with HookBus Enterprise under your brand, including AgentProtect, approval workflows, audit evidence, and policy packs. You supply the distribution.

OEM relicensing

Relicense HookBus Enterprise to your enterprise customers as part of your own paid tier. Revenue share or flat licence. Audit-ready runtime evidence included.

Joint engineering

Co-develop native AgentHook-compatible evidence or a publisher shim for your runtime. Enterprise customers get the governance evidence they need without you becoming a governance vendor.

Licensing enquiries: partnerships@agenticthinking.uk

Agentic Thinking Limited.

A UK company building the runtime-governance infrastructure regulated enterprises need to adopt AI agents safely. Two products, patent-pending architecture, pilot-ready.

Founded by Leo Ruocco, with 27 years across UK financial services, insurance, and defence, building the controls layers auditors actually read.

  • Company: Agentic Thinking Ltd
  • Patent (HookBus): GB2608069.7
  • Patent (CRE): GB2604445.3
  • Trademark: HookBus™

Works with the tools enterprise AI teams already run.

HookBus ships publisher shims for the major AI runtimes and SDKs. AgentProtect integrates with industry-standard policy engines. All integrations are public, documented, and use each vendor's supported APIs.

Microsoft
L1 policy engine

AgentProtect uses Microsoft Agent Governance Toolkit (AGT) as its deterministic pattern engine.

IBM Granite 4
Validated L2 model

AgentProtect was built and tested with Granite 4 3B running locally for semantic intent verification. No cloud calls required.

Anthropic
Claude Code hook

Publisher shim for Claude Code via the native hook API. All four lifecycle events.

Amp
Plugin API

TypeScript plugin for Amp's lifecycle plugin API. Full five-event coverage.

Nous Research
Hermes-agent plugin

Python plugin for Hermes-agent. Pre-tool-call, post-tool-call, post-API-request hooks.

OpenClaw
Extension API

Node.js plugin for OpenClaw's extension API.

OpenAI Agents SDK
Python shim

Wraps HookBusRunHooks(RunHooksBase). Tool start / tool end / LLM end / agent end.

Anthropic Agent SDK
Python shim

Pre- and post-tool events for the Anthropic Agent SDK.

Designed for organisations whose procurement starts with a questionnaire.

HookBus Enterprise is built for the deployments where a CISO signs a DPIA before the tool goes live. Regulation may arrive on different timelines in different jurisdictions, but enterprises deploying agents into real workflows need runtime evidence, approval, and control now.

EU AI Act readiness

Supports runtime evidence preparation

Where AI regulation requires record keeping, oversight, or auditability, HookBus and AgentHook-compatible evidence help produce the runtime trail: tamper-evident, chained, exportable.

SOC 2

Evidence for Type II audits

Produces the event-level audit trail your SOC 2 Type II assessor expects. Built to slot into your assurance programme.

ISO / IEC 42001

Aligned to AIMS controls

Deployment, operation, incident-response, and review features map to ISO 42001 clauses. Built to support customers running an AI management system.

GDPR · HIPAA · PCI

Boundary-level data protection

DLP Filter redacts API keys, PII, financial identifiers, and infrastructure strings at the envelope. Regulated data never leaves the agent boundary.

No cloud dependencies

On-prem, VPC, air-gap

AgentProtect runs locally, CPU-only. No external API calls at decision time. Deploy where your DPIA allows.

Agentic Thinking Limited does not currently hold third-party compliance certifications. The products are built to the evidence standards SOC 2 Type II and ISO/IEC 42001 require, and customers can use them inside their own compliance programmes today. Security posture documentation is available under NDA — see the Trust Center.

On-premise · VPC · Air-gap · No cloud dependency

Book 30 minutes. Walk out knowing whether we fit.

Built for organisations running AI agents in production or coding assistants across internal IT, targeting regulated-industry deployment. Call for details. Not the right price point for a hobby project, exactly the right price point for a bank.