Security — stop unsafe side effects
Put semantic inspection, explicit policy, velocity limits, and human approval on the tool‑call path. Denied calls do not receive upstream credentials or reach the target system.
Your AI agents are privileged users. Treat them like one.
Clavenar inspects tool calls, enforces policy, routes sensitive actions for human approval, and keeps a tamper‑evident audit trail before side effects fire.
The chain sample, current benchmark report, attack‑catalog coverage, and tagged Lite release are accessible here. Production results still depend on your models, policies, tools, and infrastructure.
Clavenar sits between the agent runtime and every side effect. Fast calls pass; risky calls park; every outcome becomes evidence.
OpenAI, Anthropic, MCP, or custom clients send the normalized call through the proxy.
Semantic checks and Rego policy classify the call as allow, block, review, or rate-limit.
Yellow-tier actions wait for Slack, Teams, console, or CLI approval before the side effect fires.
Verdicts, approvals, and upstream outcomes are canonical JSON rows on a SHA-256 chain.
Start with one production agent and one consequential tool surface. Each team gets evidence it can use without asking the agent to explain itself.
Put semantic inspection, explicit policy, velocity limits, and human approval on the tool‑call path. Denied calls do not receive upstream credentials or reach the target system.
Normalize MCP or custom calls at the proxy, roll out in observe mode, then enforce policy without rebuilding every agent. Correlation IDs connect runtime decisions to operational debugging.
Replay who requested what, which policy decided, who approved, and whether the upstream action executed. Hash chaining helps reveal later alteration; it does not by itself establish regulatory compliance.
This browser walkthrough animates the product flow with illustrative events: indirect injection, a high‑value refund routed for human approval, and a runaway loop hitting a velocity limit. Auto‑play it or step through each decision.
finbot‑prod‑7Want to drive it yourself? Pass the Cloudflare check to open a scoped 2‑hour live-console session in a new tab. You only see the ledger rows you create; the shared demo chain continues separately.
Verify the sample chain →No signup — the session expires after 2 hours.
Clavenar is a founder‑led product being built toward v1. This site documents the current control‑plane scope and its limits; it is not a claim of broad enterprise maturity or third‑party certification.
Run Lite as a single binary or deploy the full services in infrastructure you control. Pilot planning covers network boundaries, upstreams, model providers, evidence storage, and rollback before enforcement.
The production design authenticates agents with mTLS, injects upstream credentials only after authorization, and keeps policy mutation and approval authority outside the agent. Full‑stack approvals can be SSO‑gated.
Policy faults do not silently allow a request. Sensitive approvals expire closed. A pilot defines fail‑closed behavior, retention, redaction, access, and evidence export for the chosen tool surface.
Mappings are implementation aids, not legal advice, certification, attestation, or a promise that your deployment complies. Clavenar does not currently claim SOC 2 Type II certification.
Use the open‑source tools for discovery and a single‑agent trial, or work directly with the founder on a scoped production pilot.
Shadow Scanner · open‑source CLI
Scan supported source, workspace, and local surfaces for agent footprints and exposed credentials. Review the README and permissions before pointing it at an organization.
Clavenar Lite · single binary
Evaluate the proxy, policy decisions, pending approvals, and chain format locally without adopting the full service topology.
:latestFull control plane · founder‑led deployment
Scope one consequential tool surface, observe it first, then turn on policy and human approvals with a rollback plan and evidence review.
Apply for a scoped design‑partner pilot. If the use case fits, the next step is a 30‑minute scoping call with the founder.
In the meantime, watch the product walkthrough or verify the sample chain.