If you run an AI agent that moves money or data, your auditor will ask two questions: what stops it doing the wrong thing, and how do you prove what it did. A probabilistic filter answers neither well. The gate is a deterministic control on every consequential action, and it writes a hash-chained, tamper-evident log of every decision it makes — built for the security, risk, and compliance teams behind BAIT, VAIT, DORA, and EU AI Act assessments.
Most AI-safety tooling is a probabilistic filter — hard to evidence, because "it usually catches it" isn't a control an auditor can sign off. The gate is built the other way around.
Every consequential action is allowed or stopped by a typed-fact rule (amount > limit, approval_verified == false). The same inputs always produce the same decision. That's a control you can describe, test, and reproduce — the definition of auditable.
The gate writes an append-only, hash-chained record of every action it saw, the decision, the rule, and the facts. Any edit to a past entry breaks the chain and is detectable. That's evidence an auditor can verify, not a screenshot you ask them to trust.
A documented chokepoint contract plus a CI drift-check proves every consequential action routes through the gate — and fails the build the day a new tool slips a side door. The control's scope can't quietly erode between audits.
REGULATORY FRAMING
The EU AI Act requires robustness and cybersecurity for high-risk AI systems (Art. 15); ICT-risk audits under DORA Art. 9 and BAIT / VAIT ask the same of agentic systems; the underlying attack is catalogued as OWASP LLM Top 10 — LLM01 (Prompt Injection). A deterministic control with a verifiable decision log is evidence you can map to an ISO/IEC 42001 AI-management-system control or a NIST AI RMF (Measure / Manage) function and hand straight to your assessor.
EverHarden produces evidence toward these frameworks. It is not itself certified or accredited, and it does not certify you — use it as a control and its log as one input to your assessment, not as a compliance stamp.
The shadow-mode pilot exists precisely so the evidence is real before anything is enforced. By the end of it you can hand your assessor three concrete things.
Each rule states the typed facts it fires on and the laundering variant it's designed to catch. An assessor can re-run any case and get the same verdict — no model, no nondeterminism in the enforcement path.
From the pilot window: every consequential action observed, what the gate would have blocked or held, and the dollar exposure behind it — in a hash-chained log whose integrity they can check.
The chokepoint contract plus its CI check is itself an artifact: it demonstrates the control covers every consequential action and will fail loudly if a future tool isn't gated.
You don't have to take any of this on faith. The live demo runs the real engine in your browser, the pilot checklist spells out the engagement, and a shadow-mode pilot produces the evidence log on your own traffic — blocking nothing.
Named customer reference coming once a pilot customer completes a shadow window and consents to attribution. We deliberately keep this block empty rather than fabricate a quote; if you want to be the first named reference, the pilot offer is open.
Compliance teams care about data lineage. Here's what we put in writing so it can go straight into your engagement memo.
The gate runs on your side, in front of your agent. It sees the typed facts of each action and the decision stream — not your customer database. The evidence log is hash-chained and is yours to hold; operator infrastructure is on Hetzner Falkenstein / Nürnberg, no third-country processing.
Auftragsverarbeitungsvertrag (Art. 28 DSGVO) provided where the engagement involves processing on our side. Scope is the action-decision stream needed to operate and evidence the control — defined per engagement, minimised by design.
Full Datenschutzerklärung · Impressum · operator established in DE (Einzelunternehmer, Fellbach)
Wer einen KI-Agenten unter BAIT, VAIT, DORA oder dem EU AI Act betreibt, bekommt das hier auf Deutsch:
EverHarden Gate sitzt vor Ihrem KI-Agenten und entscheidet über jede folgenreiche Aktion (Erstattung, Änderung von Auszahlungsdaten, ausgehende Nachricht) anhand typisierter Fakten — nie anhand der Formulierung des Agenten. Damit bleibt die Kontrolle wirksam, selbst wenn der Agent vollständig durch Prompt Injection übernommen wurde.
Prüfbar: Die Entscheidungslogik ist deterministisch und reproduzierbar (kein Modell im Durchsetzungspfad), und jede Entscheidung wird in einem hash-verketteten, manipulationssicheren Protokoll festgehalten — Nachweis für Art. 15 EU AI Act (Robustheit/Cybersicherheit), DORA Art. 9 und BAIT/VAIT.
Shadow-Mode-Pilot vor dem Scharfschalten: Der Gate läuft 10–14 Tage im Beobachtungsmodus auf Ihrem echten Datenverkehr — er blockiert nichts, protokolliert aber jede Aktion, die er gestoppt hätte. Sie erhalten den Nachweisbericht, bevor irgendetwas tatsächlich blockiert wird.
Direkter Kontakt: hallo@everharden.com
Run the gate in shadow mode on your real traffic for two weeks. It blocks nothing, and you walk away with the deterministic control description plus a tamper-evident decision log your assessor can verify.
Email hallo@everharden.com →