Agentic Thinking Limited
⚠ Regulated AI needs runtime evidence · EU AI Act, ISO 42001, SOC 2, DORA, NIS2

Runtime governance for AI agents and coding assistants in regulated enterprises.

We steward AgentHook, the open runtime evidence standard for AI agents. We build HookBus, the open-source reference bus that implements it. HookBus Enterprise packages the compliance subscriber bundle, dashboard, and support regulated enterprises need as AI governance obligations harden.

Built for organisations with a CISO, a DPO, and regulators watching. Financial services. Insurance. Healthcare. Defence. Public sector. Internal IT departments where Claude Code, Cursor, Amp, and Copilot already touch regulated codebases. Anywhere agents or assistants now hold the keys.

The Agent in the Loop.

When there is no human watching, CRE is the Agent in the Loop. It governs every action your agents take. Only when absolutely necessary does it escalate to a human with Ask.

Deny

L1 deterministic rules catch known-bad actions before they run. Malicious shell commands, unauthorised data access, policy violations — blocked in sub-10ms. No LLM required.

Approve

L2 semantic review clears borderline actions that pass L1 but need intent verification. Safe actions proceed without human delay. The agent keeps working.

Ask

When L2 is uncertain, HookBus Workflow pauses the agent and notifies the human — via CLI prompt, email, or Slack. The human approves or denies. The agent resumes. Human back in the loop, only when needed.

Self-learning: every L2 decision and human override feeds back into L1 patterns. The agent gets smarter at governing itself.

Watch CRE block a dangerous action.

A Claude Code agent calls a destructive shell command. CRE-AgentProtect runs through L1 deterministic rules and L2 semantic review, returns deny, and the action is stopped before it reaches production. One minute, start to finish.


Agents and coding assistants are drifting in production.

AI agents run tool calls, write to production, handle customer data. Your developers have Claude Code, Cursor, Amp, and Copilot against regulated codebases. Your IT team runs coding assistants with access to secrets and infrastructure. They forget the rules. They skip policy. They act without review. Auditors and regulators now want the logs your stack is not producing. If you provide high-risk AI systems, your Article 12 event-logging obligation takes effect 2 August 2026.

  • Article 12: EU AI Act record-keeping obligations. In force 2 Aug 2026.
  • SOC 2: Auditable agent decision trail required. Enterprise procurement gate.
  • ISO 42001: AI management system standard. Published December 2023.

One platform. Two editions.

HookBus is the agent event bus that captures lifecycle evidence from AI agents and coding assistants in your stack. The free edition ships with production-ready policy and spend-tracking subscribers. HookBus Enterprise adds the compliance subscriber bundle, dashboard, and support for regulated deployments.

Free · Apache 2.0

HookBus

The agent event bus.

Self-host the bus and get two production subscribers out of the box. Build your own subscribers for governance, audit, cost tracking, memory, DLP, or anything else you need. Vendor-neutral: works with Claude Code, Cursor, Amp, GitHub Copilot, Hermes, OpenClaw, Codex, Anthropic Agent SDK, OpenAI Agents SDK, and any HTTP-capable runtime.

  • CRE-AgentProtect: Our governance engine. L1 deterministic policy gate backed by Microsoft Agent Governance Toolkit (AGT). Blocks dangerous actions before they run.
  • AgentSpend: Track token usage and spend across every agent runtime in one place.
  • Build custom subscribers in any language. Open protocol, versioned, documented.

Commercial

HookBus Enterprise

The compliance subscriber bundle for regulated enterprises.

Everything in HookBus, plus the Enterprise dashboard, advanced subscribers, commercial-use licence, SLA, support, and regulatory update packs. Built to produce runtime evidence for regulated AI deployments. On-premise, VPC, or air-gap deployment.

  • CRE-AgentProtect Enterprise: Policy gate for agent actions. L1 deterministic controls block known-bad actions before execution. L2 semantic intent verification reviews borderline cases using your approved inference path, including local Granite, Azure, Bedrock, or other LiteLLM-compatible providers.
  • Human approval workflow: When the decision is Ask, HookBus Workflow pauses the action, notifies the right human through CLI, email, or Slack, and records the approval or denial as runtime evidence.
  • Compliance subscriber bundle: Auditor, DLP Filter, KB Injector, Session Memory, Workflow, Compliance Notifier, and enterprise policy packs.
  • Enterprise dashboard: Real-time bus monitoring, subscriber health, policy management, audit exports, and role-based access.
  • Commercial licence, SLA support, implementation support, and regulatory update packs as EU AI Act, DORA, NIS2, and customer obligations evolve.

Who this is for.

Agentic Thinking speaks to the people responsible for the agent-in-production problem. Every block below maps to a real deliverable in the product, not a marketing line.

CISO

Know every action every agent takes.

Hash-chained audit trail across every agent runtime. Evidence your incident response team can actually subpoena.

DPO

Stop PII leaving the agent boundary.

DLP Filter subscriber redacts secrets and regulated data at envelope entry. GDPR / HIPAA / PCI scopes configurable.

Head of AI Governance

One governance layer across every LLM vendor.

Rules written once, enforced across Claude, GPT, Gemini, open-weights. Vendor portability built in.

Internal Audit

Evidence on demand.

Every decision, every override, every deny-wins consolidation, timestamped and exportable for the auditor.

Compliance

Map policy to the enforcement layer.

Regulation language translates to deterministic rules. L1 blocks before the tool call, no LLM discretion.

Finance

Agents at predictable cost.

AgentSpend tracks token usage per team, per agent, per session. Budget limits enforceable at the bus layer.

Bring your own LLM.

HookBus sits at the hook layer, not the inference layer. Governance runs at the bus; your models keep running wherever your enterprise has already standardised.

Private cloud

AWS Bedrock, Azure OpenAI, Google Vertex AI, IBM watsonx.ai

Self-hosted

Ollama, vLLM, llama.cpp, NVIDIA NIM

Provider-direct

Anthropic, OpenAI, Google, Mistral, Moonshot

1. HookBus runs with no LLM in the enforcement path. The free edition uses Microsoft AGT deterministic rules only. No LLM required. Fast, air-gap friendly. HookBus Enterprise adds L2 semantic review when you need it.
2. Only the governance engine ever calls the LLM. The LLM adapter is a separate, isolated service. Your agents hold no LLM keys, open no outbound HTTPS to a provider. Your compliance team keeps one perimeter, not many.
3. Every LLM call the governance layer makes is itself audited on the bus. PreLLMCall, PostLLMCall, reasoning content where exposed, model, provider, token counts. Hash-chained and exportable runtime evidence for regulated audit programmes.

Built and tested on IBM Granite 4 3B. HookBus Enterprise was developed end-to-end against Granite 4 3B so the governance layer works at the smallest enterprise-friendly model sizes regulated teams actually want to self-host. HookBus-LLM, powered by LiteLLM, lets you swap in your own model if Granite 4 is not your default.

Publishers emit. The bus routes. Subscribers enforce.

Every AI agent and every coding assistant fires lifecycle events. HookBus captures them and routes to subscribers in parallel. Sync subscribers return verdicts (allow / deny / ask) and context. The publisher injects the consolidated result into the next turn. Deny wins.

Publishers (Claude, Amp, Hermes, OpenClaw, SDKs) → HookBus (agent event bus) → Subscribers (Policy engine, Auditor, DLP, KB, Memory)
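
A minimal sketch of the consolidation and evidence model described above, added here as an illustration and not taken from HookBus or the AgentHook specification: parallel subscriber verdicts are merged with deny-wins precedence, and each decision is appended to a hash-chained log so that later tampering is detectable. The function names, record fields, the ask-over-allow ordering, and the fail-closed defaults are assumptions.

```python
import hashlib
import json

# The page states only that deny wins; ranking "ask" above "allow"
# is an assumption of this sketch.
PRECEDENCE = {"allow": 0, "ask": 1, "deny": 2}
GENESIS = "0" * 64  # hypothetical anchor value for the first record


def consolidate(verdicts):
    """Return the strictest verdict from {subscriber: verdict}; fail closed."""
    if not verdicts or any(v not in PRECEDENCE for v in verdicts.values()):
        return "deny"  # assumption: no answer or an unknown verdict denies
    return max(verdicts.values(), key=PRECEDENCE.__getitem__)


def digest(prev_hash, body):
    # Canonical JSON so the same record always hashes to the same value.
    payload = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode()).hexdigest()


def append_record(chain, event, verdicts):
    """Append a decision record linked to the previous record's hash."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    body = {"event": event, "verdicts": verdicts,
            "decision": consolidate(verdicts)}
    chain.append({"prev": prev_hash, "body": body,
                  "hash": digest(prev_hash, body)})
    return body["decision"]


def verify_chain(chain):
    """Return the index of the first broken record, or -1 if intact."""
    prev_hash = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev_hash or rec["hash"] != digest(prev_hash, rec["body"]):
            return i
        prev_hash = rec["hash"]
    return -1


def demo():
    # Constructed sample events, not real HookBus envelopes.
    chain = []
    d1 = append_record(chain, {"tool": "shell", "input": "ls -la"},
                       {"policy": "allow", "dlp": "allow"})
    d2 = append_record(chain, {"tool": "shell", "input": "rm -rf /srv/data"},
                       {"policy": "deny", "dlp": "allow", "workflow": "ask"})
    return d1, d2, chain


if __name__ == "__main__":
    print(demo()[:2])
```

Editing any stored record changes its digest, so `verify_chain` reports the index of the first record that no longer matches.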

Full protocol specification, install commands, subscriber gallery, and developer documentation at hookbus.com.

The platform in under two minutes.

Publishers. Bus. Subscribers. One bus captures every agent action and routes it to the subscribers that govern, enrich, protect, and audit.


Open to licensing HookBus Enterprise to AI companies.

If you build an AI runtime, coding assistant, or agent framework and need a governance story your enterprise customers can buy, Agentic Thinking licenses HookBus Enterprise for embedding or resale. White-label, OEM, per-seat, per-deployment models available.

White-label embedding

Your product ships with HookBus Enterprise bundled under your brand. We supply the protocol, the bus, the subscribers, and the policy packs. You supply the distribution.

OEM relicensing

Relicense HookBus Enterprise to your enterprise customers as part of your own paid tier. Revenue share or flat licence. Audit-ready compliance evidence included.

Joint engineering

Co-develop a publisher shim for your runtime. Your events become HookBus events. Enterprise customers who standardise on HookBus get your runtime for free.

Licensing enquiries: partnerships@agenticthinking.uk

Agentic Thinking Limited.

A UK company building the runtime-governance infrastructure regulated enterprises need to adopt AI agents safely. One platform, two editions, patent-pending architecture, pilot-ready.

Founded by Leo Ruocco, with 27 years across UK financial services, insurance, and defence, building the controls layers auditors actually read.

  • Company: Agentic Thinking Ltd
  • Patent (HookBus): GB2608069.7
  • Patent (CRE): GB2604445.3
  • Trademark: HookBus™

Works with the tools enterprise AI teams already run.

HookBus connects on the ingress side via publisher shims, and on the enforcement side via the policy engine subscriber. Publisher integrations are public and documented under Apache 2.0. Enterprise policy integrations are available in HookBus Enterprise and use each vendor's supported APIs.

Publisher integrations · runtime adapters

Ingress adapters that translate native AI runtime lifecycle events into canonical HookBus envelopes. All public, all Apache 2.0.

Anthropic Claude Code
hook adapter

Publisher shim via the Claude Code native hook API. All four lifecycle events covered.

Sourcegraph Amp
plugin adapter

TypeScript plugin for Amp's lifecycle plugin API. Full five-event coverage.

Nous Research Hermes
plugin adapter

Python plugin for Hermes-agent. Pre-tool-call, post-tool-call, post-API-request hooks.

OpenClaw
extension adapter

Node.js plugin for OpenClaw's extension API.

OpenAI Agents SDK
SDK shim

Wraps HookBusRunHooks(RunHooksBase). Tool start / tool end / LLM end / agent end.

Anthropic Agent SDK
SDK shim

Pre- and post-tool events for the Anthropic Agent SDK.

Enterprise policy stack

The policy engine subscriber consumes HookBus events and enforces decisions. The policy stack uses two industry-standard engines, both running locally inside your network.

Microsoft AGT
L1 deterministic policy

The policy engine uses Microsoft Agent Governance Toolkit as its deterministic pattern engine. Sub-10ms policy decisions.

IBM Granite 4
L2 semantic intent

Granite 4 3B runs locally for semantic intent verification on borderline cases. No cloud LLM calls at decision time.

Designed for organisations whose procurement starts with a questionnaire.

HookBus Enterprise is built for deployments where a CISO signs a DPIA before the tool goes live. Regulated AI programmes increasingly need runtime evidence: prompts, model calls, tool calls, policy decisions, human approvals, denials, and audit trails. HookBus Enterprise is engineered to produce that evidence inside your own environment.

EU AI Act Article 12

Supports your audit-trail obligation

If you are a provider of a high-risk AI system, Article 12 introduces automatic event-logging obligations from 2 August 2026. HookBus helps produce the runtime evidence those programmes need: chained, exportable, and tied to agent actions.

SOC 2

Evidence for Type II audits

Produces the event-level audit trail your SOC 2 Type II assessor expects. Built to slot into your assurance programme.

ISO / IEC 42001

Aligned to AIMS controls

Deployment, operation, incident-response, and review features map to ISO 42001 clauses. Built to support customers running an AI management system.

GDPR · HIPAA · PCI

Boundary-level data protection

DLP Filter redacts API keys, PII, financial identifiers, and infrastructure strings at the envelope. Regulated data never leaves the agent boundary.

No cloud dependencies

On-prem, VPC, air-gap

The policy engine runs locally, CPU-only. No external API calls at decision time. Deploy where your DPIA allows.

Agentic Thinking Limited does not currently hold third-party compliance certifications. The products generate runtime evidence that can support SOC 2, ISO/IEC 42001, EU AI Act, and internal audit programmes, but do not certify compliance on their own. Security posture documentation is available under NDA — see the Trust Center.

On-premise · VPC · Air-gap · No cloud dependency

Book 30 minutes. Walk out knowing whether we fit.

Built for organisations running AI agents in production or coding assistants across internal IT, targeting regulated-industry deployment. Call for details. Not the right price point for a hobby project, exactly the right price point for a bank.