Use AI coding agents
where you normally can’t.
Capture agent tool calls, model usage, and approval decisions across your laptop, CI, and cloud workers — pre-production only, inside your own cloud.
Verification portal
AWS demo



Agent actions only
No keystrokes, screen, or editor capture
Pre-production
Laptop, CI, and cloud workers
Your cloud
Prompts and source stay in your account
Allow · Confirm · Block
Routine work flows; risk pauses
Instrument the agents your team already runs
- Claude CodeConnector
- CursorConnector
- GitHub CopilotRoadmap
- Custom agentsSDK
Connector coverage and proof artifacts are documented in curated use-case paths.
On the record — without being in your way
From an agent deciding to act to your auditor checking the record, the same four steps run every time.
Step 1
Capture
Tool calls and model usage from hooks and connectors — not the developer’s screen.
Step 2
Decide
Policy and sensitivity resolve to allow, confirm, or block. Same gate locally and in the cloud.
Step 3
Record
Signed, immutable decisions in your own storage — one system of record.
Step 4
Prove
Export verifier-checkable evidence packages with hashes and redaction policy.
Evidence your auditor can recompute offline
Portal read-backs and portable exports share manifest hashes, a redaction policy, and a verifiable chain. No raw prompts or source inside the package.
Portal read-back
FinCard demo

Operator view from the FinCard Network demo workspace — sessions, approvals, and audit land in one surface before export.
Evidence package manifest (redacted)
{
"schema": "autodevops.evidence_package.v1",
"packageId": "pkg_7f2a…c91e",
"manifestSha256": "a4e8…9b2f",
"redactionPolicy": "no_raw_prompts_or_source",
"chapters": [
"session_summary",
"approval_decisions",
"agent_run_audit_refs",
"provenance_query_chain"
],
"exportChain": {
"previousHash": "c3d1…8a04",
"entryHash": "f9b0…2e17"
}
}- Agent Run Audit chapters without raw transcript leakage
- Closed-loop signals only when audit-backed references exist
- Control mappings cite the artifacts regulators expect
One config. Same gate everywhere.
The same policy file governs agents on your laptop, in CI, and on cloud workers.
hooks:
pre-commit: [lint, security-scan]
governance:
default: confirm
providers:
bedrock:
region: us-east-1
budgets:
per_commit_tokens: 5000Policy engine
Deterministic rules — no LLM interpreting your policy. Prior approvals can let similar actions flow.
Audit trail
Every decision replayable with context. PR summaries bind to the same record whether the agent ran locally or on a worker.
Budgets, not surprises
Token and cost limits per commit, repo, or team. Hit a limit and the next call pauses for approval.
Inside your cloud. Owned by you.
No multi-tenant SaaS plane holds your prompts or audit log. AWS is the validated path today; Azure and Google Cloud adapter tracks are roadmap.
Amazon Web Services
Bedrock for inference, IAM-scoped Lambda workers, VPC endpoints, and immutable audit storage. Prompts and source never leave your account.
Microsoft Azure & Google Cloud
Adapter code exists for Azure OpenAI, Functions, Vertex AI, and Cloud Run. Customer-validated BYOC deployment remains roadmap.
Your developers’ agents. One connector shape regardless of vendor.
Control mappings for regulated buyers
SR 11-7, FFIEC, DORA, EU AI Act, ISO 42001, and SOC 2 narratives bound to portable evidence. See mappings →
See what your auditor will see
A live walkthrough on a real workflow — policy, approvals, audit — in your AWS account.