Agent governance infrastructure. Intercept any AI agent action before it fires, evaluate it against your policy, and decide: allow, block, or escalate. Every decision is written to a tamper-evident audit log.
Control what your agents do, before they do it. Allow. Block. Escalate.
AI agents are being deployed into production at speed. They move money, push code, access customer records, and send communications, autonomously. Gatekept is the control point and audit trail for everything they do.
You add one import and wrap any agent action with gate(). Every attempt is checked against your live policy in under 200ms and resolves to one of three verdicts:
- Allow — within bounds, proceeds instantly.
- Block — crosses a hard limit, execution stops.
- Escalate — needs a human, routed for approval.
Every verdict is appended to a hash-chained audit log. Altering any past entry breaks the chain, so the record is tamper-evident.
gatekept/
├── site/ Landing page, demo, docs, token & pricing pages (static)
├── sdk/
│ ├── python/ Python SDK: gate(), Policy, rule, audit, hosted mode + tests
│ └── typescript/ TypeScript SDK: mirror of the Python API + tests
├── backend/ Hosted API: FastAPI app, policy engine, hash-chained audit
│ ├── gatekept_api/ db.py, engine.py, main.py
│ └── dashboard.html Web dashboard (manage policy, test actions, view audit log)
└── brand/ Logo, avatar, banner, brand assets
Local mode (default, no account, fully offline): the SDK evaluates actions in-process against a local policy and keeps an in-memory audit log. Clone and run with zero setup.
Hosted mode: point the SDK at the backend with a project API key. Verdicts are evaluated on the server against your stored policy and written to a durable, team-shared, tamper-evident audit log. The public API is identical in both modes.
import gatekept as gk
from gatekept import Policy, rule
gk.set_policy(Policy([
rule("transfer_funds", when="amount > 5000", verdict="escalate", to="cfo"),
rule("export_records", when="pii_rows > 10000", verdict="block"),
]))
def process_payment(amount, recipient):
gk.gate("transfer_funds", {"amount": amount, "recipient": recipient})
transfer_funds(amount, recipient)import gatekept as gk
gk.configure(api_key="gk_live_xxx", base_url="https://your-backend")
gk.gate("transfer_funds", {"amount": 6200}) # evaluated on the server, logged thereIf the service is unreachable, the SDK fails closed (blocks) by default rather than letting an unchecked action through.
A FastAPI service that turns the SDK from a local library into a hosted product.
cd backend
pip install -r requirements.txt
uvicorn gatekept_api.main:app --reload
# interactive API docs at http://localhost:8000/docsEndpoints:
POST /v1/projects— create a project, returns an API key (shown once).PUT /v1/policy/GET /v1/policy— set and read the project's rules.POST /v1/gate— evaluate an action, return the verdict, log it.GET /v1/audit— read the audit log and verify the hash chain is intact.
The policy engine (engine.py) is the same safe, AST-based evaluator as the SDK: conditions like amount > 5000 are parsed and evaluated against the payload with a restricted operator set. No arbitrary code runs, which matters because rules come from user input.
backend/dashboard.html is a single-file web UI. Sign in with a project API key to manage your policy, fire test actions, and watch the audit log with a live chain-integrity indicator. No build step.
Works with LangChain, CrewAI, AutoGen, and raw API agents. The integration is the same everywhere: wrap the action, get a verdict.
This repository is under active development.
- SDKs (Python + TypeScript): local mode is complete and tested; hosted mode forwards verdicts to the backend.
- Backend (API + engine + hash-chained audit): working and tested, including tamper detection. Uses SQLite for local development; standard SQL so it moves to PostgreSQL for production.
- Dashboard: working against the backend API.
Before running with real users and data, the backend needs a production database, HTTPS, locked CORS origins, rate limiting, and a security review. See backend/README.md for the production checklist.
Docs live in site/docs.html and on the site.
MIT. See LICENSE.