Run AI agents
without the risk

Every agent gets a verified identity, scoped permissions, and a signed receipt for every action. Autonomy at full speed — control you can prove.

Free for your first 3 agents · No credit card required

app.govern.sh/dashboard
Overview
Fleet health · last 24 hours
New agent
Active agents
24
+3 this week
Signed receipts
18,204
+1,082 today
Blocked actions
37
2 pending review
AgentActionAmountDecision
refund-agentstripe.refund$180.00Signed
support-botzendesk.replySigned
ops-runnerdb.writeHeld
growth-agentsendgrid.sendSigned
refund-agentstripe.refund$1,204.00Denied

Trusted by teams shipping agents to production

Vantage SystemsMeridian PayNorthcellAttico LabsFieldstoneParallel HQLuma RoboticsCorelineVantage SystemsMeridian PayNorthcellAttico LabsFieldstoneParallel HQLuma RoboticsCoreline
Why govern.sh

Agentsarealreadywritingcode,movingmoney,andtalkingtoyourcustomers.Buttheyactwithborrowedcredentials,unlimitedscope,andnopapertrail.govern.shreplacesblindtrustwithverifiedidentityeveryagentknown,everypermissionscoped,everyactionsigned.

Follow one action
2:47 AM

An agent decides to act

No one is awake. refund-agent has read the support thread, checked the order, and decided the customer is right. It reaches for the payments API.

incoming action
refund-agent
agt_9Tz5k2LpW · production
actionstripe.refund
amount$412.00
order#58201
reasonitem arrived damaged
First millisecond

Identity, checked

Before anything executes, govern.sh asks the only question that matters: who is asking? The agent presents its passport — a cryptographic identity your team minted, and can revoke.

identity verification
Passport verified
ed25519 · key rotation 12d ago
signature3045022100b4f2…a91e7c
ownerPriya Nair · platform
reputation92 / 100
statusactive · revocable
Millisecond eight

Policy speaks

The payments guardrail evaluates the exact call: refund, $412, order #58201. Within limits — but over the $250 line your team drew. The action holds. Nothing has touched Stripe.

payments-guardrail.yml
rules:
- action: stripe.refund
max_amount: $500 ✓ within limit
require_approval: amount > $250 → matched
Held for approvaldecision in 8.4ms
7:02 AM

One human, one tap

Dana wakes up to a single decision, not an incident. Full context, one tap to approve. The action resumes exactly where it paused.

approvals · slack
DK
refund-agent requests approval
stripe.refund · $412.00 · order #58201
Approve
Deny
Approved by Dana K. · action resumed
Forever

Proof, not memory

The receipt is signed and chained to every receipt before it. Six months from now, when someone asks who refunded order #58201 and why — you answer in seconds, with cryptographic proof.

signed receipt
receiptrcp_8f2a4c1d…c41
actorrefund-agent
actionstripe.refund · $412.00
verdictapproved · Dana K.
signatureed25519 · verified
prev: a3d81f0e2c…9b44
this: 5c22e97a1f…d08 · chain intact
The platform

Infrastructure that makes autonomy safe

Four primitives, one control plane. Everything an agent does passes through identity, policy, approval, and audit.

PEP
Policy Engine

A runtime gate, not a dashboard

The Policy Enforcement Point sits between your agents and their tools. Every call is checked against policy before it executes — not reviewed after the damage.

payments-guardrail.yml
1policy: payments-guardrail
2applies_to: refund-agent
3rules:
4 - action: stripe.refund
5 max_amount: $500
6 require_approval: amount > $250
7 - action: db.write
8 scope: orders.refunds only
9audit: signed_receipt(ed25519)

Guardrails in nine lines

Policies read like plain English and compile to real-time enforcement. Scope actions, cap spend, and require approval — per agent, per tool, per amount.

refund-agent requestedstripe.refund · $412.00 · order #58201now
Policy evaluatedpayments-guardrail · approval requirednow
Approved by Dana K.Receipt rcp_8f2a…c41 signed & chainednow

Humans in the loop, instantly

High-stakes actions pause for one-tap approval wherever your team lives. Everything else flows at machine speed.

Decision latency
8.40ms
−92.4% (103.2ms)
1,218 decisions · last 22 days

Faster with every decision

Policy decisions run in single-digit milliseconds and get faster as we tune the engine — governance that never becomes your bottleneck.

How it works

From untrusted process to accountable actor

Three steps between an agent you hope behaves and an agent you can prove behaved.

Agent
govern.sh
Tool
01

Mint a passport

One API call gives your agent a cryptographic identity — an Ed25519 keypair, a public profile, and a reputation that follows it everywhere.

02

Attach policies

Declare what the agent may touch, how much it may spend, and what needs a human. Policies evaluate on every single action.

03

Ship with receipts

Every action returns a signed, chained receipt. When anyone asks what your agents did — you have proof, not logs.

Agent Passports

Identity that travels with the agent

A passport is more than an API key. It's a verifiable record of who built the agent, what it's allowed to do, and how it has behaved — portable across every tool it touches.

Ed25519 keypairs minted per agent — revocable in one click

Reputation scores earned from verified behavior, not claims

Scoped credentials replace shared secrets and god-mode keys

Agent Passport
Atlas Research
agt_7Hk2p9QvX
Model
claude-opus-4
Scope
4 granted
Budget
$500 / mo
Reputation
96 / 100
Signed by govern.sh · Ed25519
3045022100b4f2…a91e7c sig:verified
Example decisions
A
Atlas Research
Stripe · charge $247
ALLOW
F
Forge CI
GitHub · push to main
DENY
M
Meridian Bot
SendGrid · send 1,200 emails
PENDING
Q
Quanta Agent
AWS · provision m5.2xlarge
PENDING
Signed Audit Trail

Proof, not promises

Every decision — allowed, denied, or held for approval — produces a cryptographically signed receipt, chained to the one before it. Tamper with one and the whole chain tells on you.

Receipts capture the actor, action, policy verdict, and signature

Hash-chained history that auditors can verify independently

Exports mapped to SOC 2, HIPAA, and PCI evidence requests

0M+
Signed receipts issued
0K+
Agents with passports
0.0ms
Median policy decision
0+
Tool integrations
What teams say

Trusted where the stakes are real

We went from 'absolutely not' to production in six weeks. The signed receipts are what finally got risk to sign off on autonomous refunds.
Sarah Okafor
VP Engineering, Meridian Pay
Our agents touch patient scheduling. govern.sh is the reason our compliance team sleeps — every action has a receipt we can hand to an auditor.
David Lin
CTO, Northcell Health
The policy engine is invisible until it matters. Sub-10ms decisions, and the one time an agent went sideways, it was stopped before the API call.
Priya Raman
Head of Platform, Attico Labs
Security

Built like the infrastructure it protects

govern.sh is the gate your agents pass through — so we hold it to a higher bar than anything behind it.

Ed25519 signatures

Every receipt is signed with modern elliptic-curve cryptography.

Hash-chained audit log

Receipts reference their predecessor — tampering is self-evident.

Encryption everywhere

TLS 1.3 in transit, AES-256 at rest, scoped keys per workspace.

Compliance-ready evidence

Controls designed against the SOC 2 framework, with exportable proof.

Your agents are already out there.

Give them identity worth trusting. Mint your first passport in under five minutes — free for three agents, no credit card.