PolicyGate is a deterministic policy engine that governs autonomous systems at runtime. Same kernel, two verticals: AI agents and autonomous trading. Every decision logged. Every action governed.
See What We've ShippedAutonomous systems operate with dangerous defaults. Every day.
Publicly bound to 0.0.0.0 with no authentication
Running inside privileged or root containers
API keys sitting in plaintext .env files
Config files world-writable on shared hosts
Trading bots executing without position limits or drawdown controls
Autonomous strategies with no audit trail for regulatory compliance
These are real risks. ClawShield detects agent misconfigurations today. PolicyGate Capital enforces trading constraints at runtime.
One kernel. Two verticals. Every decision deterministic.
┌─────────────────────────────────────────────────┐
│ PolicyGate Kernel │
│ Intent → Policy Evaluation → Decision → Log │
│ (frozen dataclasses · deterministic replay) │
└──────────┬──────────────────────┬────────────────┘
│ │
┌─────────┴─────────┐ ┌────────┴──────────┐
│ PolicyGate Agent │ │ PolicyGate Capital │
│ AI agent tool │ │ Trading order │
│ governance │ │ governance │
└──────────┬─────────┘ └─────────┬──────────┘
│ │
┌─────────┴──────────────────────┴────────────┐
│ ClawShield │
│ Static pre-deployment security scanning │
└──────────────────────────────────────────────┘
The core primitive: every action is an intent that passes through policy evaluation before execution.
The same kernel powers both verticals — frozen dataclasses, deterministic replay, append-only audit trails.
Three packages. All open source. All on PyPI or GitHub.
Runtime governance for AI agents
Runtime governance for autonomous trading
ClawShield audits agent configs, containers, secrets, and permissions against security policies before deployment.
The PolicyGate kernel evaluates every intent against policy rules at runtime — deterministic, no exceptions.
Every decision is logged with full context. Append-only audit trails enable deterministic replay and compliance reporting.
Deterministic policy engine, 93 tests, on GitHub
Position limits, drawdown, order validation, audit trails, on PyPI
11 detection rules, static security scanning, on PyPI
guard_tool() wraps tools with policy enforcement
Connect PolicyGate Capital to live broker/exchange APIs for production trading governance.
ClawShield detects exposure from docker-compose port mappings, not just agent config.
Support for more AI agent frameworks beyond OpenClaw.
Watch mode for live detection of configuration drift.
Pre-built policy sets for common deployment profiles.
We're looking for a technical cofounder with deep systems engineering experience — event-driven architecture, deterministic runtime design, reliability engineering. If you've built infrastructure where correctness matters, let's talk.
Get in TouchGet PolicyGate updates, new releases, and early access.
No spam. Unsubscribe anytime.