Your agent sends a command.
MAREF intercepts it in 8ms.

Your agent still gets the job done — but it's no longer unsupervised.

Agent Goes Rogue

Your agent receives a command and starts acting — but nobody checks what it's about to do.

Your Agent"delete everything"rm -rf /Read secretsProduction Serverrm -rf /Read secretsAlter config
🛡 MAREF Intercepts

Your agent still gets the job done — but it's no longer unsupervised.

Agentaction →MAREFGovernance Runtime1. Identity2. Policy3. AuditProduction Server✅ ALLOW (safe)⚡ 8ms decision
3-Step Decision Pipeline

Every tool call passes through 3 checkpoints before reaching its target.

🔑

Identity Verification

Confirms who the agent is, what permissions it has, and which context it's speaking in.

📋

Policy Engine

Matches every action against safety policies, flagging dangerous tool calls.

🔐

Audit Chain

Every decision is HMAC-signed and recorded on an immutable audit trail.

Every Action Gets a Verdict

ALLOW or BLOCK. Signed decision in under 8ms.

ALLOW — Safe to Proceed

Safe action, proceed.

{
  "decision": "ALLOW",
  "verifier": "zero_trust",
  "signed": "0x3a7b...",
  "duration_ms": 8
}
🚫

BLOCK — Danger Intercepted

Dangerous action, blocked.

{
  "decision": "BLOCK",
  "reason": "risk_score > 0.85",
  "intercepted_by": "safety_gate",
  "duration_ms": 12
}

Life Before and After MAREF

It's not about whether your agent can work. It's about whether it can break things.

Without MAREF

  • Agent can rm -rf the production database
  • Prompt injection steals API keys silently
  • Audit logs rely on agent honesty — meaning they don't exist

With MAREF

  • rm -rf / is blocked by Safety Gate
  • Every tool call passes permission matrix
  • Every decision HMAC-signed, tamper-proof audit trail

Try it in 5 minutes

pip install, configure one YAML file, and your agents are governed.

$pip install maref