First supported use case
Govern coding and devops agent actions before they run.
dexgate focuses first on high-consequence development actions: shell commands, file patches, and deploy-class operations proposed by AI coding and devops agents.
Free adapters provide local hard gates. Paid dexgate adds a policy decision point, scoped action passports, protected-executor verification, and outcome evidence for production-bound workflows.
Start Free
See Product
See Pricing
The protected object is the proposed action
User permissions and sandboxes still matter, but they do not answer whether a proposed agent action should run now. dexgate evaluates the proposed action itself and returns a gate result before the protected executor acts.
Shell commands
Block dangerous local commands by default, and require governed authorization for production-bound shell execution.
Patch and file mutation
Gate apply-patch and file write/delete actions so the executor can refuse work that lacks scoped authority.
Deploy-class operations
Constrain promotion, rollout, and infrastructure-adjacent actions with environment, target, and expiry boundaries.
Free gate vs paid passport path
Free local hard gate
Use the adapter to block known risky local actions and evaluate fit. This path does not mint an action passport or create a governed customer decision record.
Paid dexgate runtime
Send production-bound proposals to the SDE-backed policy decision point. Allowed actions must carry a scoped passport the protected executor can verify or refuse.
Runtime contract
Proposal
Tool, action, target, user, environment, and evidence.
GateDecision
Allow, deny, constrain, acquire evidence, simulate, or escalate.
Passport
Scoped authority with schema id, target, constraints, expiry, and proof.
Verify
The executor checks the passport before acting and refuses missing or invalid authority.
Outcome
Execution or refusal evidence feeds review, troubleshooting, and reliability work.