Safety rules for AI agents. Write rules in a simple DSL, the compiler verifies them, the runtime enforces them.
Step-by-step guides that build working agents. Start here.
Sequencing and permanent blocking. The agent must back up before deleting and can never use rm.
Chained dependencies, human approval gates, and session rate limits. A full CI/CD pipeline.
Build it →Dot notation tool mapping, action-dispatch tools, cycling dependencies, and rate limits.
Build it →Cross-domain composition. One agent, 13 tools, 5 domains, 10 rules — everything composes automatically.
Build it →Combine simple rules with stateful workflow nets. Branching pipelines, resource tokens, and layered composition.
Build it →Compile rules once at startup, create fresh sessions per request. Per-user isolation with the factory pattern.
Build it →Package documentation and API reference.
DSL reference, composition model, and internals. Learn how to write safety rules and how they compile to verified Petri nets.
Read docs →Workflow execution engine. Guards, executors, batch concurrent execution, dynamic net expansion, and SQLite persistence.
Read docs →The core primitive. Framework-agnostic Petri net gating — skill nets, deferred transitions, tool mapping, multi-net composition.
Read docs →Wrap your Vercel AI SDK tools with Petri net gating. One function call instruments every tool with safety checks the model cannot bypass.
Read docs →Hook into Claude Code's tool pipeline. Block Bash, gate file writes, enforce ordering constraints — all via Petri net hooks.
Read docs →In-process Petri net hooks for programmatic agents. No state files — the gate manager lives in memory alongside your agent.
Read docs →