Govern agent actions before they touch production.

dexgate turns coding and devops agent proposals into scoped action passports. Shell, patch, and deploy-class actions run only after policy, evidence, authority, and hard constraints are checked.

Public beta · Free: OpenClaw recommended · Also: Codex · Early: Grok · Claude · Cursor · Copilot · all adapters

OpenClaw Recommended free
Codex Mature beta

Paid runtime is early access / pilot. Not generally available production until external licensed first-success is proven.

Start free with local hard gates on Windows or Linux. Upgrade when you need production allow-with-proof, Passport evidence, and exportable audit — paid runtime is one Linux Docker host (pilot).

Purchase

  • Blocks risky local actions in free mode
  • Mints scoped passports in the paid path
  • Leaves reviewable decision and outcome records behind

Why Existing Security Controls Are Not Enough

Traditional security controls who can access systems. AI agents inherit those broad permissions and can autonomously perform any action the account is allowed to do. That creates a dangerous gap.

Sandboxing changes where an agent runs. It does not decide whether a sensitive allowed action should proceed.

Existing approaches fall short:

Approach Limitation
Permissions The agent still inherits the user's or service account's allowed actions.
Sandboxing It limits environment reach but does not approve or deny business-sensitive actions.
Agent settings They shape behavior, but they do not provide independent action approval or evidence.
Monitoring It helps with forensics, but usually only after the action has already happened.
Policy engines They lack reliable real-time interception of agent actions and rarely produce the contextual evidence security and audit teams require.

dexgate evaluates agent actions before execution and leaves a reviewable record behind.

Decision Execution Governance

Decision Execution Governance is the missing control layer for organizations running automated systems and AI agents. Instead of only controlling access or monitoring after the fact, it evaluates every proposed action before execution, authorizes, constrains, blocks, or escalates it, and records the full decision for engineering, security, compliance, and audit teams.

Traditional Security

User
AI Agent
System

Controls access

Decision Execution Governance

User
AI Agent
Governance Layer
System

Controls decisions before they become actions

Agent Execution Governance

Agent Execution Governance applies Decision Execution Governance specifically to AI agents.

It gives security and engineering teams the same level of control and visibility they expect for human users, only now for autonomous agents.

Traditional security controls who can access systems. Decision Execution Governance controls what automated systems and AI agents are allowed to do once they have that access.

GateDecision and Passport Example
Proposal
Codex proposes apply_patch("settings.py") against production configuration.
Policy Evaluated
Production-change profile: evidence, environment, target, and rollback constraints.
GateDecision
DENY: missing rollout evidence
Passport / Verify / Outcome
Passport: none; Verify: refuse; Outcome: executor did not mutate files.

Every paid governed action should show Proposal, GateDecision, Passport or no-passport refusal, Verify, and Outcome evidence.

Interactive 30-Second Demo

Without passport governance

Agent inherits permissions

Action executes

Monitoring sees it later

With governance

Action is intercepted

Policy returns a GateDecision

Executor verifies or refuses a scoped passport

Agent Proposal

> apply_patch("settings.py") in production

The paid path is useful only when the protected executor can verify a scoped passport or refuse the action.

Choose your adapter

Pick the adapter for the runtime your team uses today. All adapters are public beta — start with the fastest free path for evaluation, then use paid pilot when you need Passport evidence.

OpenClaw adapter

Recommended free · public beta

Most mature free local hard-gate path. Get started in about a minute.

Codex adapter

Mature beta

Free shell/patch hard gate with controlled host coverage; demo and docs included.

Also public beta: Grok Build, Claude Code, Cursor, and GitHub Copilot — same free hard-gate model (early beta; lighter external proof).

See all adapters · Get started

from Automated Decision Systems import governance

governance.enable()

agent.run("deploy update")

Start with a small integration step, then scale policy control as rollout requirements grow.

How It Works

How It Works

Start with local hardening, then add governed policy decisions when a rollout needs stronger execution control and reviewable evidence.

1

Intercept the action

The adapter sees the proposed shell, patch, or tool call before the runtime commits to it.

2

Apply safer defaults

The free local hard gate blocks or narrows risky behavior locally while you evaluate governed policy.

3

Evaluate policy

dexgate checks the action against the customer’s runtime policy, gateway identity, and environment profile.

4

Leave evidence behind

Each governed outcome produces a decision record that security, audit, and engineering teams can review.

Start with free local hardening. Add full governed policy, decision records, and managed updates when you are ready.

Rollout model

The recommended path is one runtime, one deployment boundary, and a short list of actions you care about first. dexgate is built so you can validate that path before broadening environments, gateways, or evidence expectations.

Show technical details

Technical details: free mode uses local hardening. dexgate uses SDE-backed policy decisions and governed evidence outputs.

Start FreeSee Pricing

Review Readiness

Security Review Ready

Hand your security, compliance, and audit teams the exact evidence they need to approve rollout with confidence.

Decision records

Show what action was proposed, which policy applied, and what outcome was returned.

Policy evaluation logs

Support internal review, troubleshooting, and controlled rollout changes.

Compatibility declarations

Make runtime, adapter, and release boundaries explicit so buyers know exactly what was validated.

Release evidence packs

Bundle the artifacts teams need for change review, signoff, and later audit reference.

Use them to support security review, internal approval, and deployment planning.

Assurance Materials

Evidence You Can Hand to Security and Audit

Validate free local hardening through observable blocked and allowed behavior, then upgrade to governed enforcement for artifacts your team can inspect, circulate, and keep as part of a review package.

These materials support internal review. They do not by themselves imply regulatory compliance, third-party approval, or audit success.

View Assurance DetailsOpen Review Kit

Commercial Model

Pricing

Start free with local hard gates. Move into dexgate when you need governed action control, decision records, and managed policy updates.

One commercial ladder across public-beta beachhead adapters (OpenClaw recommended free path; Codex mature beta; Grok/Claude/Cursor/Copilot early beta). Paid is early access / pilot. See Compatibility and Assurance.

Free

$0

Free local hard gate for supported adapters.

Production

$99/mo or $990/yr

1 gateway / 2 environments.

Team

$499/mo or $4,990/yr

3 gateways / 3 environments.

Business

$1,999/mo or $19,990/yr

10 gateways / 5 environments.

Enterprise: custom annual agreement for procurement, rollout design, and expanded validation scope.

See Pricing Purchase

Roadmap

All adapters are public beta. OpenClaw is the recommended free path; Codex is mature beta; Grok/Claude/Cursor/Copilot are early beta. Paid runtime is pilot. Roadmap: first external licensed success, broader surfaces, CI governance, fuller Codex pre-execution coverage, and graduating adapters only with evidence.

CI Governance

Deterministic controls for promotion, release approval, and deployment boundary changes.

Additional Runtimes

More governed adapters for agent and automation surfaces beyond today’s coding runtimes.

Evidence Automation

Cleaner packaging for review kits, release notes, validation history, and internal approval workflows.

Get Updates

Subscribe for category updates, release notes, and early adopter news without booking a sales call.

Subscribe

Enterprise Support

Self-Serve First, Enterprise Ready

Install and verify quickly, then bring in partner-assisted rollout planning, buyer review support, and security evaluation guidance when your organization needs it.

Rollout design Buyer review support Security evaluation guidance

Purchase View Partners