Stop risky agent actions
before they execute.
ActPass sits between your AI agents and their tools. Every refund, deploy, or email gets a deterministic allow / deny / needs-approval decision — signed, replay-proof, and recorded in a tamper-evident evidence chain your auditors can verify.
Free: find the Lethal Trifecta in your mcp.json in 60 seconds
Technical guide: block system-prompt escapes with deterministic middleware
Support Assistants
Prevent autonomous refunds and out-of-bounds emails while allowing draft creation.
GitHub Code Agents
Enforce linear branch restrictions and prevent pushing direct to main without review.
Sales Outreach
Block high-volume autonomous cold outreach while permitting CRM enrichment.
Map your agent's blast radius
Declare what your agent can touch and preview the deterministic risk model. This is a configuration draft — the binding allow/deny enforcement happens at runtime (see the live decision below).
Agent Meta
Integrations
Zendesk Policy
Granularly define what the agent can do within this specific system.
1. Capabilities
Allow GET requests and data fetching.
Allow POST/PUT/DELETE requests.
Trigger complex remote workflows.
2. Quantitative Limits (Blast Radius Mitigation)
3. Human-in-the-Loop (HITL)
See a live decision — then verify the evidence
Run a real refund through the ActPass engine: a deterministic decision, sealed into a hash-chained ledger, then verified end to end. The “verified” mark below is the real output of the chain check — not a label.
Run a real action
Each button issues a signed Action Passport and sends a refund through the live ActPass engine — the same deterministic policy the SDK runs. Nothing here is scripted: the decision and the evidence are computed on the server and verified below.
Ephemeral demo — nothing is stored.
Pick an action on the left to watch ActPass decide, record, and prove it — end to end.