Agentic AI Security

Runtime controls and signed proof for agents that act.

For AI companies entering enterprise security review. Harden agents that use tools, credentials, customer data, and delegated authority — then produce evidence the reviewer can verify offline.


The risk

Agents are no longer chat windows. They are delegated systems.

They retrieve data, call APIs, trigger workflows, write files, update tickets, and act inside customer environments. That turns prompt injection, tool misuse, exfiltration, and unauthorized action into business risks — not abstract AI safety concerns.

Enterprise security reviewers see the same exposure. Vendor questionnaires, attestations, architecture deep-dives, and follow-up customer asks now arrive faster than a 30-person engineering team can answer them.

Buyers will ask what the agent could do, what it was blocked from doing, and how you know. Glacis gives fast-growing AI companies the runtime controls and the signed proof to answer in one artifact.

Control surface

Control what agents can do at decision time.

Four runtime controls run at the action boundary — before the agent calls a tool, touches credentials, or moves data.

01 / TOOL

Tool permission

Allow, block, or escalate sensitive tool calls before the agent acts. Allowlists and parameter validation enforced at the boundary.

QUESTIONNAIRE · “What stops the agent from calling a destructive tool?”

02 / CREDENTIAL

Credential boundary

Prove which credentials, scopes, and systems were available to the agent at decision time. Signed in the receipt.

QUESTIONNAIRE · “Which production credentials can the agent reach?”

03 / DATA

Data access

Redact, block, or escalate risky data movement and suspicious context use. Customer data and PII never leave your stack.

QUESTIONNAIRE · “How do you stop exfiltration through the agent?”

04 / REVIEW

Human review

Require approval when impact, confidence, or policy context crosses a threshold. Approval signed and stored in the receipt.

QUESTIONNAIRE · “When does a human have to approve an agent action?”

Runtime proof

Five lines on the agent. One artifact for the reviewer.

Receipts are generated at runtime when controls execute. Evidence packs are assembled from receipts. The reviewer gets a concrete artifact instead of a policy promise.

SDK · TypeScript

Wrap a high-risk tool call.

import { attest } from '@glacis/runtime';

// One attest() call per control execution: the decision and the rules that fired
// are recorded as a signed receipt, which later feeds the evidence pack.
const receipt = await attest({
  workflow: 'support.export',      // the agent workflow this control guards
  policy:   'acme.agent.tool.v3',  // policy version the decision was made under
  decision: 'BLOCK',               // outcome enforced at the action boundary
  rules:    ['tool.exfiltration'], // rule(s) that produced the decision
});

// → signed OVERT receipt, verifiable offline

Reviewer artifact · OVERT 1.0

What the buyer’s security team gets.

Evidence Pack · Acme Support Agent · Q2 2026 · Verified

Issuer: did:web:notary.glacis.io
Workflow: support.export · agent v4.2
Receipts: 1,247 control executions
Block events: 14 · tool exfiltration, scope, redact
Schema: overt://schema/v1.0/runtime-attestation
Verifiable: Offline, against issuer public key (ED25519 · ed25519-2026-q2 · chain depth 1,247)
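To make the reviewer-side check concrete, here is an added example (not Glacis code and not the OVERT 1.0 schema) of what "verifiable offline, against issuer public key" and "chain depth" mean mechanically: each receipt is Ed25519-signed by the issuer and hash-linked to the previous one, and the reviewer recomputes every link and signature from the pack alone. The receipt fields, the SHA-256 linking, and the 'genesis' anchor are assumptions.

```typescript
import { createHash, createPublicKey, generateKeyPairSync, sign, verify, KeyObject } from 'crypto';

// Receipt fields are assumed, modelled on the attest() call above; not the OVERT 1.0 schema.
type Decision = 'ALLOW' | 'BLOCK' | 'ESCALATE';
interface Unsigned { workflow: string; policy: string; decision: Decision; rules: string[]; prev: string }
interface Receipt extends Unsigned { sig: string }
interface EvidencePack { issuerPubPem: string; receipts: Receipt[] }

// Canonical bytes with a fixed key order, so issuer and verifier sign and check identical input.
const body = (r: Unsigned) => Buffer.from(JSON.stringify(r, ['workflow', 'policy', 'decision', 'rules', 'prev']));
// Chain link = SHA-256 of body plus signature, so re-signing a receipt also breaks every link after it.
const link = (r: Receipt) => createHash('sha256').update(body(r)).update(r.sig).digest('hex');

// Runtime side: one signed receipt per control execution, each pointing at the previous one.
class Issuer {
  readonly pub: KeyObject; private readonly priv: KeyObject; private head = 'genesis';
  constructor() { const k = generateKeyPairSync('ed25519'); this.pub = k.publicKey; this.priv = k.privateKey; }
  attest(workflow: string, policy: string, decision: Decision, rules: string[]): Receipt {
    const u: Unsigned = { workflow, policy, decision, rules, prev: this.head };
    const r: Receipt = { ...u, sig: sign(null, body(u), this.priv).toString('base64') };
    this.head = link(r);
    return r;
  }
  pack(receipts: Receipt[]): EvidencePack {
    return { issuerPubPem: this.pub.export({ type: 'spki', format: 'pem' }).toString(), receipts };
  }
}

// Reviewer side: checks every signature and every chain link using only the pack and the issuer key.
function verifyPack(pack: EvidencePack): { ok: boolean; depth: number; blocks: number } {
  const pub = createPublicKey(pack.issuerPubPem);
  let prev = 'genesis', blocks = 0;
  for (let i = 0; i < pack.receipts.length; i++) {
    const r = pack.receipts[i];
    if (r.prev !== prev || !verify(null, body(r), pub, Buffer.from(r.sig, 'base64')))
      return { ok: false, depth: i, blocks };  // depth = receipts that verified before the break
    if (r.decision === 'BLOCK') blocks++;
    prev = link(r);
  }
  return { ok: true, depth: pack.receipts.length, blocks };
}

// Constructed sample run: three control executions, then a copy where the block event is rewritten.
function demo() {
  const issuer = new Issuer();
  const receipts = (['ALLOW', 'BLOCK', 'ESCALATE'] as Decision[]).map(d =>
    issuer.attest('support.export', 'acme.agent.tool.v3', d, d === 'BLOCK' ? ['tool.exfiltration'] : []));
  const pack = issuer.pack(receipts);
  const tampered: EvidencePack = JSON.parse(JSON.stringify(pack));
  tampered.receipts[1].decision = 'ALLOW';  // vendor-side edit after the fact: signature no longer matches
  return { genuine: verifyPack(pack), tampered: verifyPack(tampered) };
}
```

Dropping a receipt from the middle of the pack fails the same way, because the next receipt's prev link no longer matches.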

Assurance workflow

One agent workflow. One sprint. One reviewer-ready packet.

A 10-business-day engagement: bring one named workflow, leave with the evidence pack your customers can inspect.

Map delegated authority

Identify the credentials, tools, data, workflows, and actions the agent can reach. Threat-model the boundary.

Install runtime controls

Set allow, block, redact, escalate, and review rules at the agent boundary. SDK or sidecar — whatever fits your stack.

Generate signed proof

Produce signed OVERT receipts and an evidence pack for customers, security teams, and internal review.

Same runtime, different review

Other teams using Glacis.

Bring one agent workflow. Leave with a packet your customers can inspect.

Fixed scope. 10 business days. One named workflow. We map delegated authority, install runtime controls, and produce signed receipts plus a reviewer-facing artifact.

Founder design-partner engagements available for the first three customers — ask us on the call.