Enterprises are moving off hosted AI APIs and onto open-source models running on their own hardware. The moment you do, the provider's spend dashboard, rate limits, and audit trail disappear with the provider. AgentGuard® is the governance layer that stays: it runs inside your perimeter, and it signs a receipt that proves which model ran, whose weights it used, and where.
Govern a local model in 60 seconds See a signed receiptWhen your agents call OpenAI or Anthropic, the provider gives you spend limits, usage logs, and abuse controls for free. Point those same agents at vLLM, Ollama, or your own GPU cluster and all of that is gone. No caps. No kill switch. No audit trail. And you cannot rent the trust layer from a model vendor: a vendor cannot be the neutral auditor of its own models. Sovereignty needs a control plane that belongs to you.
AgentGuard is a pure SDK. There is no gateway in your traffic path, no proxy, no vendor cloud. Install it next to your agent, point it at any OpenAI-compatible endpoint including your own, and every action passes a signed, content-free gate before it runs.
New to self-hosting? Start with the 2026 hardware and setup guide: verified GPU prices, buy-vs-rent math, and the full vLLM/Ollama walkthrough.
Prompts, completions, keys, and policies never leave your infrastructure. Signing happens locally. We could not see your data even if we wanted to; there is nothing to subpoena, breach, or train on.
Spend caps, capability gates, and a kill switch enforced in-process, before the action happens. Not a retrospective log in someone else's cloud.
Hosted frontier APIs, open-source models on your GPUs, or both in one fleet. Swap models freely; the governance rail and the receipt format do not change.
Every decision settles to an Ed25519-signed, hash-chained, content-free receipt that anyone can verify independently, off-platform. Edit one byte and verification fails.
Saying "we run our own models and keep our data in-country" is a policy. Proving it is a receipt. AgentGuard receipts carry model and hosting provenance: which model family and version ran, the origin of its weights, the jurisdiction it ran in, and the data-retention posture. China-origin weights (GLM, DeepSeek, Qwen, Kimi and family) are detected and flagged automatically, and can be blocked for regulated workloads.
For a regulator, an auditor, or your own board, that is the difference between "trust us" and "verify it yourself." Receipts are content-free: they prove the decision and its provenance, never the underlying data.
You forked the model to own your intelligence. AgentGuard restores the governance you gave up: caps, gates, kill switch, and an audit trail your compliance team can hand to anyone.
Financial services, healthcare, legal, public sector. Jurisdiction and retention are fields on every receipt, aligned with the logging expectations of frameworks like the EU AI Act for high-risk systems.
Your data is your moat. A governance product that routes your traffic through its own cloud is asking you to mortgage it. AgentGuard never sees your traffic, by architecture.
"You cannot rent intelligence from the same place that rents it to your competitor, and you cannot rent trust from the vendor whose model you are auditing. Own the weights. Own the data. Own the proof."