PUNK

// AI agent governance

Put policy between agent intent and action.

Punk evaluates model and tool activity with identity-aware rules. Low-risk work can continue; consequential actions can be blocked or held for a person to review.

Punk provides enforcement and evidence primitives. Your organization remains responsible for its policy design, access controls, and compliance decisions.

// controls that travel with the request

Know who, what, and how risky.

Identity

Preserve scope

Attach tenant, app, agent, and pseudonymous subject context so decisions and reusable routes do not cross the wrong boundary.

Policy

Evaluate behavior

Apply MeshGuard-compatible rules to model requests and declared tool actions within the runtime path.

Approval

Pause consequences

Hold selected actions for human review instead of treating every agent choice as equally safe.

// conservative defaults

Unknown actions should not look harmless.

Punk uses five side-effect levels, from read-only work through irreversible external consequences. Undeclared tools default conservatively to a user-visible write posture.

Action postureExamplePossible handling
Read-onlyRetrieve approved knowledgeAllow and record, subject to policy
Reversible writeUpdate a draft recordAllow, constrain, or review
User-visible writeSend a messageOften require explicit policy or approval
External commitmentPlace an orderHold or block by default policy
IrreversibleDelete production dataStrongest restriction

// adaptive, not unbounded

Learning never outranks policy.

A reusable route must remain inside the same tenant and safety dimensions, pass its evidence gate, and be allowed by current policy. Ineligible optimized paths return to the configured live provider.

What teams gain

  • One replayable record of requests, tools, policy, and routes
  • Human review for selected consequential actions
  • Route explanations attached to served responses
  • Policy-aware replay and shadow testing

Important boundaries

  • Auditability is not a compliance certification
  • Tool declarations must be accurate
  • Policies require testing and ownership
  • Fallback behavior must match your risk posture

Observe policy before enforcing it.

Begin with visibility, validate identity and tool declarations, then choose which decisions should block, continue, or wait for approval.