Governance Audit
A structured review of how your AI agents decide, refuse, and respect boundaries.
Most agent systems are built for capability. Few are built for governance. The person responsible for asking "should this system work this way, and for whom?" has no instruments. We scored five major agent frameworks against commons governance principles. The best scored 9 out of 24. None addressed a single obligation to the people their agents affect. The gap shows up as inconsistent behavior, unclear boundaries, no refusal architecture, no drift detection. You notice it when something goes wrong - or when a regulator asks how your agents make decisions and you don't have an answer.
Focused Assessment
A structured review of one or two governance domains. Choose from: identity architecture, memory governance, restraint specification, voice and behavioral consistency, context engineering, or sovereignty posture.
- 1-2 weeks, async review + one 60-minute debrief call
- Best for teams early in governance thinking, or teams assessing a specific area before going deeper
You receive: a findings report with prioritized recommendations.
Full Governance Audit
Comprehensive review across all four trust pillars: identity, memory, governance, and refusal rights. Based on the same frameworks published in our open products.
- 3-4 weeks, async review + two 60-minute working sessions
- Best for teams preparing for deployment, regulatory review, or scaling agent systems
You receive: a findings report, restraint specification draft, drift indicators, and implementation roadmap.
Sliding scale available for nonprofits, grassroots organizations, and limited-resource teams. We'll discuss in the discovery call.
How It Works
You tell us about your system.
Short intake form - what you're building, where you think the gaps are, what's driving the timing.
We scope the engagement.
Free 30-minute discovery call. We confirm tier, timeline, and deliverables.
We review.
Async access to your system documentation, architecture, prompts, and agent configurations. We assess against our governance frameworks.
We deliver the report.
Findings, priorities, and a roadmap you can act on.
We walk through it together.
Debrief call to discuss findings, answer questions, and identify next steps.
Not sure yet?
Start with the self-serve instruments. The Level 6 Governance Toolkit ($99) includes the Ostrom Score, Identity Violation Assessment, and Agent Consent Architecture - the same instruments we use in consulting engagements. Run them yourself. If the results raise questions you can't answer alone, that's where the audit begins.
Or start free: the Sovereignty Assessment for the Governed is 21 questions across 7 domains, no cost, on your own time.
Who This Is For
- Teams building AI agents and preparing for production deployment
- Organizations facing regulatory questions about agent behavior - EU AI Act, COPPA, HIPAA
- Founders who built the agent and now need the governance
- CTOs who know "it works" but can't explain "how it decides"
This is technical governance, not legal advice. For legal interpretation of regulations, please consult a qualified attorney.
In Practice
Trust Architecture in the Wild
A defensive AI security platform analyzed through all four pillars of trust architecture - identity, memory, governance, and refusal rights. See how these frameworks work on a live system.
Read the full case studyLet's Talk
Free 30-minute discovery call. No pitch deck. Just a conversation about where you are and what you need.
See our full consulting services or read our Defensive Patent Pledge.