CruxApex AI Governance
AI Agent Trust Management

Govern AI agents before they govern your business.

CruxApex gives security, risk, and compliance teams a real-time control layer for AI agent fleets: policy-as-code mandates, high-risk decision review, behavior drift detection, tamper-evident audit trails, and incident-response workflows.

Request a governance pilot Preview the planned mandate library View open-source repo
Built from live multi-agent operations, not bolted onto a spreadsheet-first compliance checklist.

Enterprise AI agents are moving faster than governance teams can track.

Compliance tools can show whether controls exist. They usually cannot answer which agent made a decision, which policy authorized it, whether review was required, whether behavior drifted, or what evidence survives an audit.

Runtime Policy

Define what agents may do, when they must ask, and what proof they must record.

Decision Review

Route high-risk actions through council review before the agent commits.

Audit Evidence

Keep signed, hash-linked records for investigation, export, and governance review.

The AI Agent Trust Management Platform

CruxApex turns agent operations into governed, reviewable, auditable workflows.

Mandate Library

Policy-as-code templates for agent identity, action authorization, escalation, audit evidence, and data boundaries.

Council Review

Multi-reviewer gates for sensitive decisions and high-impact agent actions.

Drift Detection

Baseline agent behavior and flag divergence before it becomes a customer, regulator, or board incident.

PWCS Authorization

Claims, receipts, tokens, and closeout evidence for action ownership and approval.

Audit Chain

Tamper-evident activity records designed for inspection and export.

Mission Control

A buyer-visible surface for agent status, exceptions, usage, and evidence.

Built for agent operations, not just control documentation.

Legacy GRC / SOC 2 tool CruxApex AI Governance
Documents controlsObserves agent actions
Periodic reviewLive policy and drift signals
Model cards and spreadsheetsAgent-level authorization and audit trails
Human-only workflowsHuman plus council plus runtime evidence
Retrospective reportingReal-time governance plus exportable proof

Product proof from an operating agent system.

CruxApex is not starting from a blank repo. The Titan operating system already contains the product primitives. Every claim below is backed by a working component or exportable evidence record.

GET /demo/governance-proof — 5 buyer questions answered from live data

GET /demo/governance-proof — live API endpoint returning answers to all five enterprise governance questions. No mocks. Every field backed by a named tool, file, or database table.

Mission Control Usage tab — real-time AI call activity by model

Visibility

Every AI call logged: who, which model, how many tokens, what it cost, when. Three models active across this system right now.

Mission Control Budget tab — spend vs hard limit with freeze status

Cost Control

Set a dollar limit. When hit, all cloud AI calls stop automatically — enforced at the API layer, not the honor system. Resuming takes one file delete.

Mission Control Routing tab — LLM routing decisions with model and tier

Routing Intelligence

Routes each task to the cheapest capable model. Every local call is $0. Frontier model only when the task requires it — decision logged with reason.

Mission Control Arsenal tab — full inventory of built capabilities

Built, Not Promised

The full capability inventory — 80+ tools, daemons, and governance components built and running. This is the product we're productizing.

Live API
GET /demo/governance-proof
5 buyer questions · live data · zero mocks
Live Metric
GET /llm-routing/tok-hr
Real-time tokens/hour by model · rolling window
Evidence Source
ORCH4_DEMO_TELEMETRY_CHECKLIST
10 components mapped to buyer claims · 3-min demo script

Five governance questions, answered from live data.

Product proof captures show the operating surface behind the product story: agent identity, policy authorization, review state, drift status, audit evidence, usage, cost, routing, and capability inventory.

Governance proof endpoint showing five buyer governance questions answered from JSON data
Demo capture from /demo/governance-proof. It shows agent identity, policy, review, drift, and audit evidence fields from system data.
Mission Control usage tab showing model call activity

Usage Visibility

Mission Control view of model call activity for operator and buyer inspection.

Mission Control budget tab showing spend and limit visibility

Cost Control

Budget surface for spend and limit monitoring across agent operations.

Mission Control routing tab showing model route state

Routing Intelligence

Local route state for model selection, fallback planning, and governance review.

Mission Control arsenal tab showing capability inventory

Capability Inventory

Built-system proof through inventory of available tools and operational surfaces.

Token per hour endpoint showing local usage telemetry

Usage Telemetry

Token-per-hour endpoint evidence for model usage tracking and reporting.

Claim Boundary

These product proof captures show current system capability. They are not customer production evidence or compliance certification claims.

Open-source the governance method. Sell the managed control plane.

The governance method is being packaged as a source-available library. The managed control plane, enterprise support, and compliance reporting are the paid product boundary.

View titan-mandates View v0.1.1 release

Open Source

  • Mandate YAML library and schema
  • Local mandate validator
  • Council review reference API
  • Drift scoring reference API
  • Audit-chain example
  • PWCS authorization examples

Paid Product Boundary

  • Hosted Mission Control
  • SSO, RBAC, and enterprise support
  • Managed retention and WORM storage
  • Compliance report generation
  • Customer-specific deployment
  • Support SLAs and onboarding
titan-mandates/
  README.md
  LICENSE
  docs/
  mandates/
    schema/
    library/
    examples/
  packages/
    governance_core/
    council_gate/
    drift_monitor/
    pwcs_auth/
    audit_chain/
  examples/
  demo/
  scripts/

Start with a bounded governance pilot.

Register a small set of agents, apply the mandate library, route high-risk decisions through review, and generate an audit packet your compliance team can inspect.

Week 1

Map agents, policies, high-risk actions, and required evidence.

Week 2

Run policy gates, council review, drift scoring, and audit export on sample workflows.

Week 3

Review findings with security, risk, compliance, and executive stakeholders.

Claim guard: this page does not claim SOC 2, ISO 42001, HIPAA, FedRAMP, or EU AI Act certification. Product wording says "maps to," "supports," or "prepares evidence for" until formal reviews are complete.