Open Source Governance Framework

The Governance Spine for Auditable AI Agents

Build AI agents your compliance team will love. Full provenance tracking, policy enforcement, and decision traces for every action.

22 Packages
825+ Tests
100% TypeScript
agent.ts
import { ContextGraph } from '@contextgraph/sdk';

const cg = new ContextGraph();

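// Every claim requires provenance
// Keep the returned claim so its id can be cited as evidence below
const claim = await cg.addClaim({
  entity: 'report_q4',
  attribute: 'status',
  value: 'verified',
  source: { type: 'analyst', id: 'user_123' },
  confidence: 0.95,
  // Assumption: an ISO 8601 timestamp string, the format of the validFrom example on this page
  validFrom: new Date().toISOString()
});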

// Policy-evaluated decisions
const decision = await cg.proposeDecision({
  type: 'publish_report',
  target: 'external',
  evidence: [claim.id]
});

// decision.status: 'approved' | 'needs_review'

The Problem

AI agents are everywhere. Audit trails are nowhere.

Black Box Decisions

Agent made a bad call? Good luck figuring out why. No trace, no evidence, no accountability.

Compliance Nightmares

Auditor asks "show me every decision this agent made in Q3." You: *sweating*

No Guardrails

Agent has access to everything. Policies exist in a wiki somewhere. Hope it reads that wiki.

Time Blindness

"What did we know when we made that decision?" Nobody knows. Data is overwritten daily.

The Solution

A governance substrate that makes auditability automatic.

02

Time as First-Class Citizen

All data is temporally qualified. Ask "what did we know on March 15?" and get an answer.

validFrom: '2024-01-01', validUntil: '2024-12-31'
03

Decisions as Data

Every decision is recorded before execution. Full lifecycle: proposed, approved, executed, completed.

status: 'proposed' | 'approved' | 'executed'
04

Policy Enforcement

Deny-first policy evaluation. No action proceeds without explicit authorization.

effect: 'deny', unless: { role: 'admin' }
05

Human-in-the-Loop

High-risk decisions queue for human review. Approval workflows built-in.

requiresApproval: risk.level >= 'HIGH'
06

Compliance Ready

Generate audit reports on demand. SOC 2, GDPR, HIPAA evidence packages.

reporter.generateSOC2({ period: 'Q4' })

Architecture

Four planes. Zero black boxes.

Cognition Plane
LangChain
AutoGen
Custom Agents
Where agents think
Action Intents
ContextGraph OS
Knowledge Graph
Policy Engine
Decision Trace
Provenance
Exceptions
Telemetry
Where governance happens
Controlled Execution
Execution Plane
APIs
Databases
External Services
Where actions happen
"No agent action is valid unless it is context-justified, policy-evaluated, and decision-traceable."

See It In Action

Interactive demos showing real governance scenarios.

Policy-Controlled Publication

Watch how a high-risk action is caught by policy, queued for human review, and then executed after approval.

  1. Agent proposes publishing a report to external audience
  2. Policy engine evaluates: risk=HIGH, requires approval
  3. Decision enters human review queue
  4. Compliance officer approves with justification
  5. Action executes, full trace recorded
contextgraph-demo
$ npx @contextgraph/cli demo regulated-agent
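
The five steps above as a minimal deny-first evaluator with a review gate. This is an added example, not ContextGraph's own code: every type, function and rule in it is hypothetical and the policy is constructed for the walkthrough.

```typescript
// Added illustration; every name here is hypothetical, not the ContextGraph SDK.
type Risk = 'LOW' | 'MEDIUM' | 'HIGH';
type Status = 'proposed' | 'approved' | 'needs_review' | 'denied' | 'executed';
interface Intent { type: string; target: string; risk: Risk }
interface Rule { effect: 'allow' | 'deny'; type: string; target?: string }
interface Decision { intent: Intent; status: Status; trace: string[] }

// Numeric ranks: comparing the level strings themselves would sort alphabetically.
const RANK: Record<Risk, number> = { LOW: 0, MEDIUM: 1, HIGH: 2 };

const matches = (r: Rule, i: Intent): boolean =>
  r.type === i.type && (r.target === undefined || r.target === i.target);

// Every status change is appended to the decision's trace.
function move(d: Decision, status: Status, note: string): Decision {
  d.status = status;
  d.trace.push(`${status}: ${note}`);
  return d;
}

// Record the decision first, then evaluate deny-first with default deny.
function propose(intent: Intent, rules: Rule[]): Decision {
  const d: Decision = { intent, status: 'proposed', trace: ['proposed by agent'] };
  const hit = rules.filter(r => matches(r, intent));
  if (hit.some(r => r.effect === 'deny')) return move(d, 'denied', 'explicit deny rule');
  if (!hit.some(r => r.effect === 'allow')) return move(d, 'denied', 'no allow rule (default deny)');
  return RANK[intent.risk] >= RANK.HIGH
    ? move(d, 'needs_review', 'risk=HIGH, queued for human review')
    : move(d, 'approved', 'allowed by policy');
}

// Human approval is only valid from the review queue and needs a justification.
function approve(d: Decision, reviewer: string, justification: string): Decision {
  if (d.status !== 'needs_review') throw new Error(`cannot approve from ${d.status}`);
  if (justification.trim() === '') throw new Error('justification required');
  return move(d, 'approved', `${reviewer}: ${justification}`);
}

// The action runs only for an approved decision; anything else is refused.
function execute(d: Decision, action: () => void): Decision {
  if (d.status !== 'approved') throw new Error(`refused: decision is ${d.status}`);
  action();
  return move(d, 'executed', 'action completed');
}

// Constructed policy for the walkthrough.
const RULES: Rule[] = [
  { effect: 'allow', type: 'publish_report' },
  { effect: 'deny', type: 'delete_database' },
];
```
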

Point-in-Time Queries

Query what the system knew at any point in time. Essential for "why did we make that decision?" questions.

  1. Data changes over time (status: draft -> reviewed -> published)
  2. Query as of March 15: status = "reviewed"
  3. Query as of March 20: status = "published"
  4. Full history preserved, never overwritten
contextgraph-demo
$ npx @contextgraph/cli demo temporal-query
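
The point-in-time scenario above as an append-only claim log with an "as of" lookup. This is an added example, not ContextGraph's own code: `Claim`, `ClaimLog`, `asOf`, `history` and `sampleLog` are hypothetical names, and the dates are constructed to match the March 15 and March 20 queries.

```typescript
// Added illustration; Claim, ClaimLog and asOf are hypothetical names, not the ContextGraph SDK.
interface Claim {
  entity: string;
  attribute: string;
  value: string;
  validFrom: string;   // ISO 8601 date from which the value holds
  recordedBy: string;  // provenance: who asserted it
}

class ClaimLog {
  private readonly claims: Claim[] = [];

  // Append only: a new value is a new record; earlier records are frozen and kept.
  add(claim: Claim): void {
    if (Number.isNaN(Date.parse(claim.validFrom))) {
      throw new Error(`invalid validFrom: ${claim.validFrom}`);
    }
    this.claims.push(Object.freeze({ ...claim }));
  }

  // The value in force at `date`: the latest claim whose validFrom is not after it.
  asOf(entity: string, attribute: string, date: string): Claim | undefined {
    const t = Date.parse(date);
    let best: Claim | undefined;
    for (const c of this.claims) {
      if (c.entity !== entity || c.attribute !== attribute) continue;
      const from = Date.parse(c.validFrom);
      if (from <= t && (best === undefined || from >= Date.parse(best.validFrom))) best = c;
    }
    return best;
  }

  // Full history in validity order, for the audit trail.
  history(entity: string, attribute: string): Claim[] {
    return this.claims
      .filter(c => c.entity === entity && c.attribute === attribute)
      .sort((a, b) => Date.parse(a.validFrom) - Date.parse(b.validFrom));
  }
}

// Constructed sample data mirroring the draft -> reviewed -> published scenario.
function sampleLog(): ClaimLog {
  const log = new ClaimLog();
  const base = { entity: 'report_q4', attribute: 'status', recordedBy: 'user_123' };
  log.add({ ...base, value: 'draft', validFrom: '2024-03-01' });
  log.add({ ...base, value: 'reviewed', validFrom: '2024-03-10' });
  log.add({ ...base, value: 'published', validFrom: '2024-03-18' });
  return log;
}
```

A query dated before the first claim returns `undefined` rather than the earliest value, so "we did not know yet" stays distinguishable from "it was a draft".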

Compliance Report Generation

Generate audit-ready reports with one command. All decisions, evidence, and provenance included.

  1. Specify time range and report type
  2. System aggregates all decisions
  3. Links evidence and provenance
  4. Exports to JSON/PDF/CSV
contextgraph-demo
$ npx @contextgraph/cli demo audit-report
Managed Service

ContextGraph Cloud

All the power of ContextGraph OS, none of the infrastructure hassle.

Real-Time Governance Dashboard

Monitor every agent decision, policy evaluation, and approval workflow in one beautiful interface. Built for teams who need visibility and control.

  • Agent activity monitoring
  • Decision approval queues
  • Policy simulation sandbox
  • One-click compliance reports

Multi-Tenant

Full isolation with row-level security

Enterprise SSO

SAML 2.0, OIDC, Okta, Azure AD

Webhooks & API

HMAC-signed events, full REST API

Self-Host Option

Docker, Kubernetes, Helm charts

Who It's For

Built for teams who can't afford black-box AI.

Regulated Industries

Finance, healthcare, legal. When the auditor asks, you'll have answers.

  • SOC 2
  • HIPAA
  • GDPR

Enterprise AI Teams

Building internal agents? Make them audit-ready from day one.

  • LangChain
  • AutoGen
  • Custom

AI Platform Teams

Building agent platforms for others? Give them governance for free.

  • Multi-tenant
  • White-label
  • API-first

Pricing

Start free. Scale with confidence.

Open Source

$0 forever

For developers and open source projects

  • Full ContextGraph OS (22 packages)
  • SQLite & in-memory storage
  • CLI tools & SDK
  • Community support (GitHub)
  • AGPL-3.0 license

Enterprise

Custom

For regulated industries & large deployments

  • Everything in Team, plus:
  • Self-hosted or private cloud
  • Unlimited agents & 1yr+ retention
  • SOC 2, HIPAA, GDPR templates
  • Dedicated support (4hr SLA)
  • Custom integrations & onboarding
  • 99.9% uptime SLA & indemnification

Feature Comparison

Feature Open Source Team Enterprise
Core SDK & Packages 22 packages 22 packages 22 packages
Hosted Dashboard ✓ Included ✓ Included
Storage Backend SQLite PostgreSQL PostgreSQL
Agents Unlimited Up to 10 Unlimited
Audit Retention Self-managed 90 days 1 year+
SSO / SAML ✓ Included ✓ Included
Compliance Reports Basic SOC2, HIPAA, GDPR
Support SLA Community 24hr response 4hr response
License AGPL-3.0 Commercial Enterprise

FAQ

Common questions about ContextGraph OS.

No. ContextGraph OS is a governance substrate that sits between your agent framework (LangChain, AutoGen, etc.) and actual execution. It doesn't replace your agents; it makes them auditable.

Minimal. Policy evaluation is in-memory and typically adds <10ms. For high-risk actions that require human approval, yes, there's latency, but that's the point. You want someone to review before the agent deletes your production database.

Currently SQLite (embedded) and an in-memory adapter for testing. PostgreSQL adapter is on the roadmap. The storage layer is abstracted, so adding new backends is straightforward.

Yes. The SDK provides a simple API. Your agent submits "action intents" instead of executing directly. ContextGraph evaluates policies, records the decision, and either allows execution or queues for review.

Dual-licensed: AGPL-3.0 for open source use, and a commercial license for proprietary applications. If you're building internal tools or open source, AGPL is free. If you're building a SaaS product, you'll need a commercial license.

ContextGraph OS is unique in its focus on governance as a first-class concern. Other tools might have logging or monitoring. We have provenance, temporal data, policy enforcement, decision traces, and compliance reporting baked in at every layer.

Ready to make your AI agents auditable?

Start with open source, upgrade to Cloud when you need more. Build trust with every decision.