Policy and audit
for every AI agent you ship.

Yelt is the policy engine and tamper-evident audit ledger for AI agents — the coding sessions on your machine and the agents you embed in production. Author rules in plain English. Every agent action lands in a signed audit chain you can hand an auditor.

Detected automatically
  • Claude Code
  • Cursor
  • Codex CLI
  • Cline
  • Production agents (SDK)
  • Custom MCP

One product · three surfaces

Author once.
Govern every agent.

Finance writes rules in plain English. They flow to the coding sessions on your engineers' machines and the production agents you ship inside your own product. Same dashboard, same audit chain, three doors that suit each team's day-to-day.

Finance and security · /[org-slug]

The dashboard.

Activity, Policies, Audit. Plain-English policy authoring with form-fill assist. Slack approvals for held actions. Auditor-ready PDF export mapped to FS AI RMF, OWASP, and SOC 2.

  • Approve held actions in Slack — no dashboard required
  • Policies live globally in under one second from save
  • Hash-chained audit trail — regulator-acceptable

Engineering · /u/[username]

The CLI.

One install line. Yelt detects every coding-agent host on the machine, drops policies as instructions, and registers a per-machine identity that signs every audit event your sessions emit.

  • Auto-detects Claude Code, Cursor, Codex, Cline
  • Five default policies — spend cap, PII, vendor allowlist, new-vendor approval, time-of-day
  • Promote to a team org without re-onboarding

Your product · @yelt-ai/sdk-{node,py}

The SDK.

The agent embedded in your SaaS doesn't get a free pass. Drop the SDK in, hand it your registered agent's keypair, and every tool call becomes a signed audit row your auditor can verify. Same policies, same chain — applied to the agents you ship to your customers.

  • 60-line install — Node + Python
  • Held actions surface in Yelt's approvals kanban
  • One audit chain, dev sessions and production

The loop

Intercept. Evaluate. Audit.

Every agent action follows the same three steps. Belt and suspenders: the policy is also pushed to the agent as a SKILL.md file so it knows the rules — and the gateway enforces them anyway, because models forget.

Step 01

Agent attempts an action

Your agent calls Stripe, Mercury, QuickBooks, or any MCP server. The Yelt gateway intercepts before the call leaves the network.

Step 02

Policy evaluates

Spend caps, vendor lists, PII rules, time windows — every active policy fires in parallel. Median: 5ms. Strictest outcome wins.

Step 03

Audit logs forever

Allow, deny, or hold-for-approval — every decision lands in a SHA-256 hash-chained ledger that an auditor can verify independently.
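
The evaluate step above, as an added Python sketch that is not Yelt's code: three of the policies named on this page are modelled as plain functions. The ordering allow < hold < deny, the fail-closed handling of a policy that errors, and every name and value below are assumptions.

```python
from datetime import datetime, time, timedelta, timezone
from enum import IntEnum

class Outcome(IntEnum):  # ordered so max() picks the strictest (ordering assumed)
    ALLOW = 0
    HOLD = 1
    DENY = 2

def spend_limit(cap):
    return lambda a: Outcome.DENY if a["amount"] > cap else Outcome.ALLOW

def new_vendor_approval(seen):
    return lambda a: Outcome.ALLOW if a["vendor"] in seen else Outcome.HOLD

def time_of_day(start, end, tz):
    def rule(a):
        local = a["at"].astimezone(tz).time()
        return Outcome.ALLOW if start <= local < end else Outcome.DENY
    return rule

def evaluate(action, policies):
    """Run every policy; return (strictest outcome, policies that produced it)."""
    results = {}
    for name, rule in policies.items():
        try:
            results[name] = rule(action)
        except Exception:
            results[name] = Outcome.DENY  # a policy that cannot evaluate fails closed
    decision = max(results.values(), default=Outcome.ALLOW)
    if decision == Outcome.ALLOW:
        return decision, []
    return decision, sorted(n for n, r in results.items() if r == decision)

# Constructed policy set and timestamps (hypothetical values).
UTC_MINUS_5 = timezone(timedelta(hours=-5))
POLICIES = {
    "spend-limit": spend_limit(10_000),
    "new-vendor-approval": new_vendor_approval({"stripe.com"}),
    "time-of-day": time_of_day(time(9), time(17), UTC_MINUS_5),
}
NOON = datetime(2025, 1, 15, 17, 0, tzinfo=timezone.utc)   # 12:00 at UTC-5
NIGHT = datetime(2025, 1, 16, 4, 0, tzinfo=timezone.utc)   # 23:00 at UTC-5
```

An action with a missing field, such as one without `amount`, comes back as a deny attributed to the policy that could not evaluate it, rather than slipping through as an allow.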

Policies

Plain English in.
Typed runtime out.

Type a sentence. Yelt parses it into a structured form, asks for the missing fields, and compiles to a typed descriptor the gateway evaluates in microseconds. Twenty templates ship by default — author custom rules in the same flow.

Policies are live globally in under one second of saving. Older versions remain queryable for audit.

  • Spend limit
    Cap any payment above an amount, per-agent or org-wide.
  • Vendor allowlist
    Only approved vendors. Imports from QuickBooks, NetSuite, Xero.
  • New vendor approval
    Hold any payment to a vendor not seen before. Slack ping.
  • PII block
    Refuse outputs containing customer PII. Redacted in audit.
  • Time of day
    Block agent payments outside business hours, by time zone.
  • Geographic restriction
    Deny payments routed to OFAC-sanctioned destinations.
  • Approval threshold
    Auto-allow under $X; hold above; require two approvers above $Y.
  • Refund cap
    Hold refunds above a per-customer or per-agent limit.

The audit

Tamper-evident.
Auditor-grade.

Every decision lands in an append-only ledger. Each row is SHA-256 hashed against the previous — change one byte and every downstream hash breaks. Independent verification from the CLI. PDF export pre-mapped to your control framework.

  • Hash chain
    SHA-256, append-only
  • Evidence chain
    Every prior tool call, traced
  • Framework mapped
    FS AI RMF · OWASP · SOC 2
  • Independently verifiable
    yelt audit verify <id>

audit_event #41,287 · approved
agent: invoicing-bot-1
action: payment_transfer
amount: $5,000.00
target: stripe.com/v1/transfers
policy: new-vendor-approval
approver: sarah@acme.com
prev_hash: a3f9…c2e4
hash: b2d4…91ee
Initiated 14:23:01 · approved 14:24:18 · executed 14:24:19 — 78 seconds end-to-end including human approval.
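
The hash-chain property described above, as an added Python sketch rather than Yelt's ledger format or its `yelt audit verify` implementation: the row layout, the all-zero genesis value and the canonical-JSON encoding are assumptions, and the sample rows are constructed. It goes one step past the text by also checking the chain head against a copy held outside the ledger, since a tail that has been re-hashed after an edit is internally consistent.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first row

def row_hash(prev_hash, event):
    # Canonical JSON, so the same event always serialises to the same bytes.
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()

def append(ledger, event):
    prev = ledger[-1]["hash"] if ledger else GENESIS
    ledger.append({"event": event, "prev_hash": prev, "hash": row_hash(prev, event)})

def verify(ledger, trusted_head=None):
    """Return (ok, index of the first bad row or None)."""
    prev = GENESIS
    for i, row in enumerate(ledger):
        if row["prev_hash"] != prev or row["hash"] != row_hash(prev, row["event"]):
            return False, i
        prev = row["hash"]
    # A chain can be internally consistent and still be a full rewrite, so
    # compare its head with a copy kept outside the ledger (signed or anchored).
    if trusted_head is not None and prev != trusted_head:
        return False, None
    return True, None

def rehash_from(ledger, start):
    """Test helper: recompute hashes from row `start` on, simulating a rewritten tail."""
    prev = ledger[start - 1]["hash"] if start else GENESIS
    for row in ledger[start:]:
        row["prev_hash"], row["hash"] = prev, row_hash(prev, row["event"])
        prev = row["hash"]

# Constructed sample rows; field names follow the sample event on this page.
EVENTS = [{"agent": "invoicing-bot-1", "action": "payment_transfer", "amount": a}
          for a in ("120.00", "5000.00", "40.00")]

def demo():
    ledger = []
    for event in EVENTS:
        append(ledger, event)
    head = ledger[-1]["hash"]
    forged = copy.deepcopy(ledger)
    forged[1]["event"]["amount"] = "50.00"  # one value changed in row 1
    edited = verify(forged, head)
    rehash_from(forged, 1)  # tail re-hashed after the edit
    return verify(ledger, head), edited, verify(forged), verify(forged, head)
```

`demo()` returns four results in order: the intact chain verifies, the edited row is reported at index 1, the re-hashed chain passes the internal check, and that same chain fails once its head is compared with the trusted one.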

Pricing

Cheaper than one mistake.

One blocked payment to the wrong vendor pays for the year. Start free for individual developers; scale per-seat as your team grows; talk to us when your auditor does.

Developer

Solo devs governing their own agent work

$30 / developer / month
  • 1 user · unlimited agents
  • 50,000 evaluations / month
  • 30-day audit retention
  • Hosted MCP gateway
  • Slack approvals

Company

AI-native teams in production

$1,500 / month
  • 25 dev seats included · $40/seat after
  • 500,000 evaluations / month
  • 365-day audit retention
  • Slack + Teams approvals
  • Vanta / Drata / SIEM webhooks

Enterprise

Regulated buyers and Fortune 1000

Talk to us
  • Sidecar gateway (your VPC)
  • 7-year audit retention
  • On-chain ledger anchoring
  • SAML SSO · custom controls
  • Dedicated onboarding

Annual contracts at 20% discount. Usage-based overage applies past included evaluations. Stripe billing. Cancel anytime.

Govern your agents in three minutes.
