Gavrun sits between your agents and the systems they touch. Every tool call gets a verdict in milliseconds — and the dangerous ones wait for a human.
No card · no redeploy · wraps one call
Sits in front of the frameworks and runtimes your agents already use
The moment an agent can call a tool, it can move money, delete data, email a customer, or spin down a server — without asking. Most teams have no idea what their agents actually do until something goes wrong.
Input guardrails check the prompt, not the call. By the time an agent fires a tool, the refund is sent and the rows are gone — there's nothing between intent and impact.
When an agent does something it shouldn't, you're reconstructing it from scattered logs. No decision trail, no token accounting, no answer for audit or your security team.
A looping agent can burn thousands in tokens overnight, or leak sensitive data to a model, before anyone notices. Adoption stalls because no one can sign off on the risk.
Onboard agents, author policies, clear approvals, and read the activity trail — from a single developer control plane. Metering and risk on the front page, decision history one click away.
Register an agent, pull its scoped credentials, and configure once. Gavrun intercepts each tool call — deciding, recording, and routing for approval whenever your policy says so.
pip install langman (PyPI), then Gavrun.from_config() with a scoped agent_id and client secret — set once per agent.
Every tool call is intercepted automatically — no changes to your agent loop, no redeployment.
Configure rules per tool — thresholds, token budgets, and human-approval requirements. Changes take effect immediately.
from gavrun import Gavrun, GavrunDecisionDenied
gavrun = Gavrun.from_config(
config_path="~/.gavrun/gavrun-governance.yaml",
agent_id="agent_76f70164eb79",
)
# Wrap any tool or model call — Gavrun
# decides before it ever runs.
try:
result = gavrun.guard_execution(
action_type="tool",
action_name="stripe.issue_refund",
payload={"amount": 3180, "customer": "cus_5521"},
callback=lambda: issue_refund(amount=3180),
)
except GavrunDecisionDenied as e:
logger.warning("Denied: %s", e.reasons)
# → allow · block · held for a human
Zumie Gateway brings the full agent monitoring and policy enforcement stack to your AWS environment. Same decisions, same audit trail — on infra you control, behind your own VPC.
Zumie Gateway runs in your AWS account. No agent call data leaves your environment — full control over where it lands.
Every tool call, token spend, policy hit, and approval request — logged and searchable inside your own stack.
Point your existing Langman config at your Gateway endpoint. Same SDK, same policies — no agent changes needed.
Open a preview workspace, point your agents at Gavrun, and watch the first decisions land in minutes. Sign in to pick up where you left off, or start fresh — no card, no redeploy.
Preview access · no card, no redeploy