-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Controlled Agentic Verification & Runtime Authority
Before the agent acts, CAVRA decides.
This wiki is the operating manual for CAVRA as an enterprise AI-agent runtime governance platform. It explains the product thesis, architecture, roadmap, user stories, enterprise challenges, controls, evidence model, and implementation phases.
Phase 1, Productization Foundation, is complete in PR #1. It establishes CAVRA identity, CLI, MCP server, Claude Code setup, policy packs, runtime decisions, Docker validation, API contract, sandbox, and enterprise documentation.
Phase 2, Policy Engine Hardening, is complete in PR #1. It adds strict schema validation, inheritance, normalized compile output, semantic diff, signature metadata, and tamper-detection tests.
Phase 3, Evidence Hub and Attestation, is the next recommended implementation phase.
- White Paper:
White-Paper.md - Production Roadmap:
Production-Roadmap.md - Implementation Plan:
Implementation-Plan.md - User Stories:
User-Stories.md - Enterprise Challenges:
Enterprise-Challenges.md - Diagrams:
Diagrams.md - Phase Completion Log:
Phase-Completion-Log.md - Policy Engine Hardening:
Policy-Engine-Hardening.md
pipx install cavra
cavra policy test
cavra evaluate read_file .env --json
cavra init claude-code
claude mcp add cavra -- cavra-mcp-serverRun the local sandbox:
docker compose up -d --buildOpen http://127.0.0.1:5173.
Before the agent acts, CAVRA asks: who is acting, what will change, what policy applies, and what evidence will prove it?
| Start | Build | Operate | Assure |
|---|---|---|---|
| Quick Start | CLI | Enterprise Guide | AISPM |
| Reader Paths | Policy Syntax | Deployments | Evidence |
| Community | GUI | Troubleshooting | Conclusion |
- Foreword And Reader Paths
- Why CAVRA Exists
- Runtime Authority Model
- Architecture
- Editions
- Install And Deploy
- Community Guide
- Enterprise Guide
- CLI Reference
- GUI And Sandbox
- AISPM Guide
- Policy And Evidence
- Operations And Integrations
- Labs And Use Cases
- Appendices And FAQ
- Policy Language Reference
- Troubleshooting Playbook
- Technology Stack
- Conclusion