Two-layer governance for AI agents. Every tool call passes through CRE before execution. The AI cannot bypass, disable, or argue with it.
66 SECONDS · HARD BLOCK · KB INJECTION · PIN OVERRIDE
Microsoft Agent Governance Toolkit provides semantic threat classification across destructive, exfiltration, and privilege escalation categories. Combined with our proprietary regex pattern engine for your organisation's policies.
IBM Granite 4 (Apache 2.0) runs locally. Verifies the AI's action matches what the user actually asked for. Catches substitutions, shortcuts, and creative reinterpretations.
Operates outside the AI's context window as a mandatory checkpoint. The AI cannot skip, modify, or argue with it.
L2 verifies the agent's tool call matches the user's explicit instruction. Nobody else checks this.
Human approval chain for sensitive operations. The user types override 0000, CRE retries, the audit trail records it.
L2 decisions automatically promote to L1 patterns with human approval. Faster and more accurate over time.
Detects encoded commands, lateral movement, and scripts designed to bypass enforcement.
Full audit trail, every decision logged. Works with HookBus Auditor for compliance evidence.
CRE Light is the free, open-source tier. L1 only: Microsoft AGT semantic classification plus 15 regex rules. No LLM. No GPU. No API key. Sub-10ms. 306 lines of Python. Catches 80% of policy violations. Upgrade to full CRE for L2 intent verification.
Coming soon. Open source.