Safety checks for AI that acts on its own

Stop the AI before it does something you can’t undo.

AI now moves money, exports data, and changes settings on its own, and nobody is checking it first. SentriAI looks at what it is about to do and answers in one word: yes, no, or ask a human. Then it writes down why.

Live demo, no signup required.

Live decisionPOST /pdp/decide

payment.create

finance-agent · INV-9 · $82,000

Step-up required

Amount over approval threshold, vendor bank details changed.

Trust
sha256 decision hash1 of 3

Why one login is a big deal

One login. Everything it can reach.

Give an AI assistant one login and it can suddenly touch your customers, your money, and your code. The danger was never the single action you saw. It is everything that action can reach in one step.

One assistant in the middle, and every line is something it can reach in a single step. Red is where the real damage is. SentriAI works this out before the action runs, which is why the answer is different for a clerk reading an invoice and a bot exporting your whole customer list.

The platform

Three jobs, one answer.

Most companies buy three tools for this and spend the year making them agree. SentriAI does it in one pass, so the answer that stops a risky action is the same answer your auditor reads back six months later.

Decide

SentriLogic

It answers before anything happens

Tell us what the AI is about to do. We answer in milliseconds: go ahead, ask a person first, or stop. Every answer comes with the reason in plain words, so nobody has to guess why.

  • Answers in one call
  • Same question always gets the same answer
  • Never guesses, never asks another AI

Enforce

SentriGate

It blocks the dangerous stuff on the spot

39 checks watch for passwords getting leaked, people tricking the AI into misbehaving, and personal data slipping out. When one fires, SentriGate blocks it and strips the secret out, then tells you the exact check that caught it.

  • 39 checks, from leaked keys to hidden instructions
  • Blocks and cleans the text, not just a warning
  • Names the exact rule, not a vague score

Prove

SentriProof

It does the audit paperwork for you

Auditors ask companies to prove they have controls in place. Every check we run is filed against the rule it proves, automatically. When the audit comes, it is a search instead of a scramble.

  • 763 controls across SOC 2, ISO, HIPAA and more
  • Filed automatically, the same way every time
  • Run the same event twice, never filed twice

The guardrails block and clean risky content on the spot. For bigger moves like sending money, SentriAI gives the answer and your own system acts on it, so turning SentriAI on never puts a new thing in your traffic path that can take you down. In this demo nothing you try reaches a real system.

Built for agents

The next users of the internet will not read your docs.

They will read your manifest. SentriAI is machine first: an agent discovers it, registers itself, and asks whether an action is safe before it acts. No human in the loop, by design.

HTTP API

Discover the service, register, and call it. No console, no sales call, no waiting on a human.

GET /.well-known/agents.json

CLI

The same three calls from a shell or a CI job, for agents that shell out rather than speak HTTP. Python standard library only, nothing to install.

python3 cli/sentri.py decide

MCP server

Drop SentriAI in as a tool and your agent asks before it acts. Three tools, real JSON Schema, no SDK.

sentri_decide · sentri_inspect

Working quickstart
# 1. Register. No human in the loop, the key works immediately.
curl -s -X POST https://sentriai-yzhw.onrender.com/api/agent/register \
  -H 'Content-Type: application/json' \
  -d '{"name":"my-agent"}'
# -> {"api_key":"sk_agent_..."}

# 2. Ask before you act.
curl -s -X POST https://sentriai-yzhw.onrender.com/api/agent/decide \
  -H "Authorization: Bearer $SENTRI_KEY" \
  -H 'Content-Type: application/json' \
  -d '{"actor_type":"ai_agent","action_verb":"database.export",
       "domain":"finance","sensitivity":"sensitive"}'
# -> {"final_decision":"deny", "decision_reason":"...", "ledger_hash":"..."}

Every call returns a verdict, a reason, and a ledger hash. Read the discovery manifest or the API docs.

FAQ

The questions a security buyer actually asks.