Launching today
OpenBox
See, verify, and govern every agent action.
222 followers
See, verify, and govern every agent action.
222 followers
OpenBox provides a trust platform for agentic AI, delivering runtime governance, cryptographic verification, and enterprise-grade compliance. Integrates via a single SDK with LangChain, LangGraph, Temporal, n8n, Mastra, and more. Available to every organization with no usage limits.
Simple Utm
This is a problem that does not get enough attention yet. Everyone is focused on making agents more capable, but the question of "how do you prove they acted within policy" is going to matter a lot more as agents start touching real workflows at scale.
The cryptographic verification angle is interesting. Most governance approaches I have seen are audit logs after the fact. Proving compliance at the point of execution is a different thing entirely.
Question: how does OpenBox handle governance for agents that are pulling context from multiple systems with different access policies? For example, an agent that reads from both a public knowledge base and a restricted HR system in the same workflow. Does the governance layer enforce per-source permissions, or is it more at the action level?
Really thoughtful point @najmuzzaman, and you’re right, this is exactly where governance starts to matter as agents move into real workflows.
It’s handled at both the source and action level. Each context source is evaluated with its own identity and access policy, so an agent can read from public data while restricted systems like HR remain permission-gated.
When the agent composes a workflow, OpenBox then checks whether that specific action is allowed given the combined context, and can block or redact steps if sensitive data would flow into an unauthorized tool or output.
Nas.io
I'm wondering how the cryptographic verification works when an agent pulls from multiple data sources with different permission levels in a single workflow?
@tahir_mahmood8 @asim_ahmad_cfa @grover___dev Congrats on the launch... lets presume you were to explain this product to someone with minimal technical knowledge as it relates to use case within a business (a business that uses AI but isn't too deep into the compliance / governance side of how this works) - how would you go about outlining the use case.... asking for a friend!
GrowMeOrganic
Huge congratulations @natsuda_uppapong @phaituly @tonyopenbox on shipping this. How does the cryptographic verification works when you need to halt an action mid-execution, does the signature still get created for the attempted action that got blocked?
Documentation.AI
I've been thinking about this space a lot lately and honestly most governance solutions I've seen are either too heavyweight for dev teams or just basic logging that doesn't actually prevent anything bad from happening.
How does this handle the performance hit when you're doing real-time policy checks on every agent action, especially for high-frequency workflows where latency actually matters?
ConnectMachine
I've been dealing with audit nightmares from our ML ops team and that OPA policy engine integration could actually save us months of compliance work it seems.
OpenBox
What Tahir has laid out here is what we have been building toward: a platform that governs every agent action at the point of execution, with full observability and cryptographic proof, from day one. If you are building with agents and want to understand how it works technically, happy to answer everything here.