The approval and accountability layer for agentic AI
Identity. Policy. Approval. Trace.
Your AI agents are acting without oversight. SidClaw adds the missing governance layer — policy evaluation, human approval with rich context, and tamper-proof audit trails — without changing your agent code.
What makes SidClaw different: Everyone else does Identity + Policy + Audit. SidClaw adds the Approval primitive — where a human sees exactly what an agent wants to do, why it was flagged, the agent's reasoning, and the risk level — then approves or denies with one click. That's what FINRA 2026 mandates, what the EU AI Act requires, and what no one else has shipped.
Try it right now — no signup needed:
| 🏦 Financial Services Demo | 🔧 DevOps Demo | 🏥 Healthcare Demo |
|---|---|---|
| AI sends customer email → approval required | AI scales production → approval required | AI orders labs → physician approves |
An AI agent wants to send a customer email. Policy flags it for review. The reviewer sees full context — who, what, why — and approves with one click. Every step is traced.
An AI agent wants to scale production services. High-risk deployments require human approval. Read-only monitoring is allowed instantly.
An AI assistant recommends lab orders. The physician reviews the clinical context and approves. Medication prescribing is blocked by policy — only physicians can prescribe.
Agent wants to act → SidClaw evaluates → Policy decides → Human approves (if needed) → Action executes → Trace recorded
Four primitives govern every agent action:
┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐
│ Identity │ → │ Policy │ → │ Approval │ → │ Trace │
│ │ │ │ │ │ │ │
│ Every │ │ Every │ │ High-risk│ │ Every │
│ agent │ │ action │ │ actions │ │ decision │
│ has an │ │ evaluated│ │ get human│ │ creates │
│ owner & │ │ against │ │ review │ │ tamper- │
│ scoped │ │ explicit │ │ with rich│ │ proof │
│ perms │ │ rules │ │ context │ │ audit │
└──────────┘ └──────────┘ └──────────┘ └──────────┘
- allow → action executes immediately, trace recorded
- approval_required → human sees context card, approves/denies, trace recorded
- deny → blocked before execution, no data accessed, trace recorded
npx create-sidclaw-app my-agent
cd my-agent
npm startThis creates a working governed agent with 3 demo tools:
- ✅
search_docs— allowed instantly - ⏳
send_email— requires YOUR approval (open dashboard) - ❌
export_data— blocked by policy
No configuration needed — the CLI creates your agent, policies, and API key automatically.
Manual Setup (TypeScript)
npm install @sidclaw/sdkimport { AgentIdentityClient, withGovernance } from '@sidclaw/sdk';
const client = new AgentIdentityClient({
apiKey: process.env.SIDCLAW_API_KEY,
apiUrl: 'https://api.sidclaw.com',
agentId: 'your-agent-id',
});
const sendEmail = withGovernance(client, {
operation: 'send_email',
target_integration: 'email_service',
resource_scope: 'customer_emails',
data_classification: 'confidential',
}, async (to, subject, body) => {
await emailService.send({ to, subject, body });
});
await sendEmail('customer@example.com', 'Follow-up', 'Hello...');
// Policy says "allow"? → executes immediately
// Policy says "approval_required"? → waits for human approval
// Policy says "deny"? → throws ActionDeniedError, no email sentOpen app.sidclaw.com to see approval requests, audit traces, and policy decisions in real-time.
Manual Setup (Python)
pip install sidclawfrom sidclaw import SidClaw
from sidclaw.middleware.generic import with_governance, GovernanceConfig
client = SidClaw(api_key="ai_...", agent_id="your-agent-id")
@with_governance(client, GovernanceConfig(
operation="send_email",
target_integration="email_service",
data_classification="confidential",
))
def send_email(to, subject, body):
email_service.send(to=to, subject=subject, body=body)SidClaw wraps your existing agent tools — no changes to your agent logic.
| TypeScript | Python | |
|---|---|---|
| Core client | @sidclaw/sdk |
sidclaw |
| MCP proxy | @sidclaw/sdk/mcp |
sidclaw[mcp] |
| LangChain | @sidclaw/sdk/langchain |
sidclaw[langchain] |
| CrewAI | @sidclaw/sdk/crewai |
sidclaw[crewai] |
| OpenAI Agents | @sidclaw/sdk/openai-agents |
sidclaw[openai-agents] |
| Pydantic AI | — | sidclaw[pydantic-ai] |
| Vercel AI | @sidclaw/sdk/vercel-ai |
— |
| Composio | @sidclaw/sdk/composio |
sidclaw (built-in) |
| Claude Agent SDK | @sidclaw/sdk/claude-agent-sdk |
sidclaw (built-in) |
| Google ADK | @sidclaw/sdk/google-adk |
sidclaw (built-in) |
| LlamaIndex | @sidclaw/sdk/llamaindex |
sidclaw (built-in) |
| Webhooks | @sidclaw/sdk/webhooks |
sidclaw (built-in) |
Wrap any MCP server with governance. Works with Claude, ChatGPT, Cursor, Microsoft Copilot Studio, GitHub Copilot, and any MCP-compatible client. Supports both stdio (local) and Streamable HTTP (remote) transports.
import { AgentIdentityClient, GovernanceMCPServer } from '@sidclaw/sdk';
const server = new GovernanceMCPServer({
client,
upstream: { transport: 'stdio', command: 'npx', args: ['your-mcp-server'] },
toolMappings: [
{ toolName: 'query', data_classification: 'confidential' },
{ toolName: 'list_tables', skip_governance: true },
],
});
await server.start();Add governance to any OpenClaw skill. SidClaw evaluates every tool call against your policies before execution. See the OpenClaw integration guide →
import { governTools } from '@sidclaw/sdk/langchain';
const governedTools = governTools(myTools, { client });import { governVercelTool } from '@sidclaw/sdk/vercel-ai';
const governed = governVercelTool('myTool', myTool, { client });import { governOpenAITool } from '@sidclaw/sdk/openai-agents';
const governed = governOpenAITool(myTool, { client });Also supports: CrewAI, generic function wrapping, any async tool.
Try SidClaw without installing anything:
| Demo | Industry | What You'll See | Link |
|---|---|---|---|
| Atlas Financial | Finance (FINRA) | AI support agent with email approval flow | demo.sidclaw.com |
| Nexus DevOps | Platform Engineering | Infrastructure scaling with deployment approval | demo-devops.sidclaw.com |
| MedAssist | Healthcare (HIPAA) | Clinical AI with physician approval for lab orders | demo-health.sidclaw.com |
Each demo uses real SidClaw governance — the policy evaluation, approval workflow, and audit traces are 100% authentic. Only the business data is simulated.
AI agents are being deployed in production, but the governance layer is missing:
- 73% of CISOs fear AI agent risks, but only 30% are ready (NeuralTrust 2026)
- 79% of enterprises have blind spots where agents act without oversight
- FINRA 2026 explicitly requires "documented human checkpoints" for AI agent actions in financial services
- EU AI Act (August 2026) mandates human oversight, automatic logging, and risk management for high-risk AI systems
- OpenClaw has 329K+ stars and 5,700+ skills — but 1,184 malicious skills were found in the ClawHavoc campaign. There's no policy layer governing what skills can do.
The big vendors (Okta, SailPoint, WorkOS) handle identity and authorization. But none of them ship the approval step — the part where a human sees rich context and makes an informed decision before an agent acts.
- 60-second setup —
npx create-sidclaw-appscaffolds a working governed agent - <50ms evaluation overhead — the governance layer is invisible to your users
- 5-minute integration — wrap existing tools, no code changes
- MCP-native — governance proxy for any MCP server
- Framework-agnostic — LangChain, Vercel AI, OpenAI, CrewAI, Pydantic AI, Composio, or plain functions
- Typed SDKs — TypeScript (npm) + Python (PyPI)
- Policy engine — allow / approval_required / deny with priority ordering and classification hierarchy
- Approval workflow — context-rich cards with agent reasoning, risk classification, and separation of duties
- Audit trails — correlated traces with integrity hash chains (tamper-proof)
- SIEM export — JSON and CSV, continuous webhook delivery
- Compliance mapping — FINRA 2026, EU AI Act, NIST AI RMF
- RBAC — admin, reviewer, viewer roles with enforced permissions
- Tenant isolation — automatic tenant scoping on every query
- API key management — scoped keys with rotation
- Rate limiting — per-tenant, per-endpoint-category, plan-based tiers
- Webhooks — real-time notifications for approvals, traces, lifecycle events
- Self-serve signup — GitHub, Google, email/password
┌─────────────┐ ┌──────────────┐ ┌──────────────────┐
│ Your Agent │ │ SidClaw SDK │ │ SidClaw API │
│ │ ──► │ │ ──► │ │
│ LangChain │ │ evaluate() │ │ Policy Engine │
│ MCP Server │ │ withGovern() │ │ Approval Service │
│ OpenAI SDK │ │ governTools()│ │ Trace Store │
│ Any tool │ │ │ │ Webhook Delivery │
└─────────────┘ └──────────────┘ └──────────────────┘
│
▼
┌──────────────────┐
│ Dashboard │
│ │
│ Agent Registry │
│ Policy Management│
│ Approval Queue │
│ Trace Viewer │
│ Settings & RBAC │
└──────────────────┘
Deploy from the GitHub repo to Railway. Add a PostgreSQL database, configure environment variables, and you're live.
Deploy the dashboard to Vercel (requires a separately hosted API).
Deploy Docs or Landing Page to Vercel
Docs:
Landing Page:
curl -sSL https://raw.githubusercontent.com/sidclawhq/platform/main/deploy/self-host/setup.sh | bashOr manually:
git clone https://github.com/sidclawhq/platform.git
cd platform
cp deployment/env.example .env # edit with your values
docker compose -f docker-compose.production.yml up -dDevelopment credentials:
- Email:
admin@example.com/ Password:admin - Or click "Sign in with SSO" on the login page to auto-login without a password
No infrastructure to manage. Start free at app.sidclaw.com
See deployment documentation for production configuration, environment variables, and upgrade guides.
| Free | Starter | Business | Enterprise | |
|---|---|---|---|---|
| Price | CHF 0/mo | CHF 199/mo | CHF 999/mo | From CHF 3,000/mo |
| Agents | 5 | 15 | 100 | Unlimited |
| Policies per agent | 10 | 50 | Unlimited | Unlimited |
| API keys | 2 | 5 | 20 | Unlimited |
| Trace retention | 7 days | 30 days | 90 days | Custom |
| Webhooks | 1 | 3 | 10 | Unlimited |
| Support | Community | Priority email | Dedicated + SLA | |
| SSO/OIDC | — | — | ✓ | ✓ |
| Self-hosted | — | — | — | ✓ |
| Start Free | Start Starter | Start Business | Contact Sales |
- Quick Start — 2 minutes to first governed action
- SDK Reference — every method documented
- Integrations — MCP, LangChain, Vercel AI, OpenAI, CrewAI, Composio
- Policy Guide — authoring, versioning, testing
- Compliance — FINRA, EU AI Act, NIST AI RMF
- API Reference — every endpoint
We welcome contributions! See CONTRIBUTING.md for guidelines.
The SDK (packages/sdk/) is Apache 2.0. The platform (apps/) is FSL 1.1.
- SDK (
packages/sdk/,packages/shared/): Apache License 2.0 — use freely for any purpose - Platform (
apps/api/,apps/dashboard/,apps/docs/,apps/landing/,apps/demo*/): Functional Source License 1.1 — free for evaluation, testing, education, and production use by organizations with annual revenue under CHF 1,000,000. Organizations above this threshold require a commercial license. Cannot offer as a competing hosted service. Converts to Apache 2.0 after 2 years.
