When there is no human in the loop, CRE is the Agent in the Loop.
Two-layer governance for AI agents. Every tool call passes through CRE before execution. The AI cannot bypass, disable, or argue with it.
66 SECONDS · HARD BLOCK · AGENTKNOWLEDGE INJECTION · AGENTFLOW APPROVAL
Microsoft Agent Governance Toolkit provides semantic threat classification across destructive, exfiltration, and privilege escalation categories. Combined with our proprietary regex pattern engine for your organisation's policies.
IBM Granite 4 (Apache 2.0) runs locally. Verifies the AI's action matches what the user actually asked for. Catches substitutions, shortcuts, and creative reinterpretations.
Operates outside the AI's context window as a mandatory checkpoint. The AI cannot skip, modify, or argue with it.
L2 verifies the agent's tool call matches the user's explicit instruction. Nobody else checks this.
Human approval chain for sensitive operations. CRE pauses the action, AgentFlow routes the request to the named approver via CLI, email, or Slack, the response is recorded, and the audit trail captures who approved what and when.
L2 decisions automatically promote to L1 patterns with human approval. Faster and more accurate over time.
Detects encoded commands, lateral movement, and scripts designed to bypass enforcement.
Full audit trail, every decision logged. Pairs with the HookBus™ AgentAuditor subscriber to produce the SHA-256 hash-chained evidence a SOC 2, ISO 27001, or ISO 42001 assessor expects.