Personal agents like OpenClaw are becoming increasingly capable and, more worryingly, popular among non-technical folks. I built arbiter to be an easier way to enforce standards on agents in consumer and enterprise settings.
The current repo focuses on deterministic tool governance rather than general AI safety. The hot path is a Go interceptor, policies are written in Rego, and the executor verifies the approval token before executing the side effect. There’s also a control plane for policy rollout, bundle distribution, and audit history.
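To make the enforcement path concrete, here is a minimal sketch of executor-side verification, assuming an HMAC-SHA256 token minted over the tool-call payload by the policy side and checked before the side effect runs. The function names (`signApproval`, `verifyApproval`) and token format are illustrative, not arbiter's actual API.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// signApproval mints a token over the tool-call payload with a shared key.
// Hypothetical sketch: arbiter's real token format is not shown here.
func signApproval(key []byte, payload string) string {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(payload))
	return hex.EncodeToString(mac.Sum(nil))
}

// verifyApproval is what the executor would call before the side effect:
// any mutation of the approved payload invalidates the token.
func verifyApproval(key []byte, payload, token string) bool {
	expected := signApproval(key, payload)
	return hmac.Equal([]byte(expected), []byte(token))
}

func main() {
	key := []byte("shared-secret")
	payload := `{"tool":"send_email","to":"ops@example.com"}`
	token := signApproval(key, payload)
	fmt.Println(verifyApproval(key, payload, token))     // true
	fmt.Println(verifyApproval(key, payload+"x", token)) // false
}
```

The point of the token check is that approval becomes a verifiable artifact rather than a trusted in-process boolean, so a compromised or buggy middleware layer can't silently skip the policy step.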
Today it supports the core enforcement path, replay protection, streamed tool-call interception, policy bundles, and a control-plane alpha. The main target is people running agents through tools like LiteLLM, LangChain, OpenClaw, or similar middleware who want hard policy checks instead of “best effort” checks.
It’s still in alpha. I think it is strong enough for demos and early pilots, but not yet something I’d market as enterprise ready.
I’d especially love feedback on:
- whether the trust model makes sense
- which integrations matter most
- whether the control plane is the right solution to this
- what would make this viable in a real team or enterprise setting