Governance layer for AI agents
Evaluate every action before it runs.
SafeNode is a multi-tenant policy firewall for AI agents. Send normalized action envelopes; get allow, warn, review, or deny—with impact and risk scores, matched policies, and full audit trails.
How it works
1. Send envelope
POST to /api/v1/evaluate with agent_id, action_type, payload, and context. Auth via API key per agent.
2. Rules engine
Hard rules (blocked vendors, regions, sensitive data, spend) and weighted scoring (privacy, carbon, cost, trust, policy fit). Laravel-native; OPA-ready later.
3. Decision + trace
Response: decision, impact_score, risk_score, matched_policies, reasons, alternatives, trace_id. Append-only audit and optional redaction.
Why this matters
AI agents are moving from demos into production. They send emails, call APIs, spend budget, and touch customer data. Letting every action run with no guardrails is a risk we can’t afford.
Safety & control
One misconfigured agent can leak data, hit the wrong API, or blow through budgets. A policy layer lets you decide what’s allowed before it runs—so you stay in control at scale.
Built for the future
Regulations and best practices for AI are still forming. Getting allow/deny, audit trails, and overrides in place now means you’re ready for whatever comes next—not scrambling when it’s required.
SafeNode gives you a single place to evaluate every action, enforce rules, and keep a full record. So you can ship AI with confidence.
Capabilities
- Blocked vendors (AI or external)
- Unapproved regions (geo + cloud)
- Sensitive data patterns
- Spend thresholds
- Deterministic weighted factors
- Policy versioning (immutable JSON)
- Override queue and audit trail
- Configurable redaction
API
Single endpoint. API key in Authorization: Bearer <key> or X-Api-Key. Rate limits per key and per org.
POST /api/v1/evaluate
{
  "agent_id": "optional-if-from-key",
  "action_type": "call_model",
  "payload": { ... },
  "context": {
    "region": "eu-west-1",
    "geo_country": "DE",
    "vendor_id": "openai",
    "cost_estimate": 0.02
  }
}
Response: decision, impact_score, risk_score, matched_policies, reasons, alternatives, trace_id.
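An agent-side gate for the flow above, as an added example that is not SafeNode's own code: it builds the envelope, asks for a decision, and runs the action only on allow or warn, treating review, deny, errors and unrecognized values as "do not run". Assumptions: the base URL is a placeholder, the response is a JSON object carrying the listed fields, and build_envelope, http_send, guarded_run and stub_send are hypothetical names; stub_send and its vendor and trace values are constructed so the block runs offline.

```python
import json
import urllib.request

RUN = {"allow", "warn"}      # decisions on which the action may execute
HOLD = {"review", "deny"}    # decisions on which it must not execute

def build_envelope(action_type, payload, context, agent_id=None):
    """Envelope with the request fields the page lists."""
    env = {"action_type": action_type, "payload": payload, "context": context}
    if agent_id is not None:  # optional when the API key identifies the agent
        env["agent_id"] = agent_id
    return env

def http_send(base_url, api_key, timeout=5):
    """Return a sender for POST /api/v1/evaluate (base_url is a placeholder)."""
    def send(envelope):
        req = urllib.request.Request(
            base_url + "/api/v1/evaluate",
            data=json.dumps(envelope).encode(),
            headers={"Authorization": "Bearer " + api_key,
                     "Content-Type": "application/json"},  # assumed content type
            method="POST")
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return json.load(resp)
    return send

def guarded_run(send, envelope, action):
    """Execute action() only on allow/warn; errors and unknown values block."""
    record = {"ran": False, "decision": "error", "reasons": [], "trace_id": None}
    try:
        verdict = send(envelope)
        decision = verdict.get("decision")
        if decision not in RUN | HOLD:
            raise ValueError(f"unrecognized decision: {decision!r}")
        record["reasons"] = list(verdict.get("reasons") or [])
        record["trace_id"] = verdict.get("trace_id")
    except Exception as exc:  # timeout, HTTP error, malformed or unexpected body
        record["reasons"] = [f"evaluation failed: {exc}"]
        return record
    record["decision"] = decision
    if decision in RUN:
        record.update(ran=True, result=action())
    return record

def stub_send(envelope):
    """Constructed stand-in for the service: denies one made-up vendor."""
    if envelope["context"].get("vendor_id") == "blocked-vendor":
        return {"decision": "deny", "reasons": ["vendor blocked"], "trace_id": "t-2"}
    return {"decision": "allow", "reasons": [], "trace_id": "t-1"}
```

Swap stub_send for http_send(base_url, api_key) to call a real deployment, and log the returned trace_id next to the agent's own record of the action.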
Dashboard
Filament admin: overview stats, live decision feed, trace inspector, policy builder, vendor registry, agents & API keys, override queue.
Dashboard guide
Brief overview of each area in the admin dashboard. For full details see How it works and API.
Agents are the AI applications or integrations that send actions to evaluate. Create one per product (e.g. one per OpenAI integration). Each agent has API keys for authenticating requests to /api/v1/evaluate.
Policies define hard rules and scoring weights. Use versions to keep an immutable history. The engine evaluates each action against the active policy and returns allow / warn / review / deny with impact and risk scores.
Vendors are AI providers or external APIs. Register them here; policies can block or allow by vendor. Link each agent to a vendor.
The decision feed shows recent evaluations. Overrides let you change a decision (e.g. allow a denied action) with audit trail. Use the trace ID to correlate with your logs.