What is agent execution governance?

Agent execution governance is the practice of controlling where AI agents run, enforcing policies on which devices can execute which workloads, and maintaining cryptographic proof of every execution. It adds identity, policy, and audit trails to agents that are already deployed across cloud, on-prem, and edge infrastructure.

How does ATF secure AI agent execution?

ATF assigns every execution device a cryptographic identity certificate. Agents can only run on approved devices, and every execution produces a signed receipt containing the device identity, output hash, and timestamps. Connectivity is outbound-only from devices to the control plane — no inbound ports are exposed.

Does ATF work with any AI agent framework?

Yes. ATF is model-agnostic and framework-agnostic. It works with Claude Code, OpenClaw, LangChain, custom agents, and any other framework. ATF governs the execution layer — it does not replace your agent framework.

What is the difference between ATF and an agent framework?

Agent frameworks like LangChain or CrewAI help you build agents. ATF governs where those agents execute. It is infrastructure — not a framework. ATF adds device-level identity, execution policy, and cryptographic audit trails to agents that already exist.

Can ATF run agents on edge devices and laptops?

Yes. ATF supports execution on cloud VMs, on-premises servers, laptops, GPU clusters, and IoT devices. Each device registers with the control plane using outbound-only connectivity — no inbound ports required, making edge deployment secure by default.

Sovereign Agent Infrastructure

Execution governance for AI agents.

Run AI Agents Anywhere.
Prove It.

Any agent. Any model. Any framework.
Run on your cloud, your data center, or a laptop on your desk — with a signed receipt for every run.

Book a Demo

Outbound-only connectivity

Per-device identity

Auditable execution

Execute on approved devices

How It Works

Four steps. Full control.

Register Devices

Every execution node registers with a cryptographic identity. Outbound-only — no inbound ports required.

Enforce Policy

Policy decides what runs, where. Data residency and compliance are enforced, not assumed.

Execute Anywhere

Workloads execute on approved devices — cloud, on-prem, or the laptop on your desk.

Audit & Prove

Every run produces a signed receipt: device identity, output hash, and timestamps. Cryptographic proof, not logs.

Architecture

ATF Control Plane

Policy · Dispatch · Audit

A centralized control plane manages execution across your distributed infrastructure.

Cloud

AWS / GCP / Azure

On-Prem

Your data center

Edge

Laptop / GPU / IoT

Claude Code

Anthropic

OpenClaw

Open-source

ATF Agent

Built-in

Execution verified · Device: macbook-pro · Receipt signed

What's Missing Today

Agents are everywhere.
Governance is not.

Open-source agents on Mac Minis. Copilots calling your APIs. Framework agents on GPU clusters. The execution is happening — without identity, without policy, and without proof.

Shadow Agent Sprawl

Developers deploy agents on personal devices, cloud VMs, and local hardware — before security teams know they exist.

No Device Identity

Agents inherit machine-level privileges with no cryptographic identity. One exploit, full lateral movement.

No Execution Policy

No way to enforce which agents run on which hardware, or prevent sensitive workloads from executing on unapproved devices.

No Audit Trail

When an agent leaks credentials or exfiltrates data, you can't prove what ran, where it ran, or what it accessed.

Why ATF

The missing layer.

Agents already run on cloud VMs, Mac Minis, and GPU clusters. ATF adds identity, policy, and audit trails to every one of them.

→

Device-Level Execution Routing

Select which physical device runs each workload. Not just "cloud vs. on-prem" — specific machines.

ATF

Policy · Dispatch · Route

DISPATCH → macbook-pro

aws-east-1

us-east-1

dc-rack-04

on-prem

macbook-pro

edge

gpu-node-7

gpu cluster

iot-sensor-3

field

✦

Identity-Bound Audit Receipts

Every execution is cryptographically tied to a device identity, not just logged. Evidence-grade traceability.

✓

Execution Receipt

2026-02-15T14:32:07.482Z

Devicemacbook-pro

Agentresearch-v2

Modelllama-3.2-3b (local)

Duration3.2s · 847 tokens

Output Hashsha256:a8f3c9...e91d2

SignatureDevice identity verified

⊘

Outbound-Only Runner Connectivity

Devices dial out securely to ATF. No inbound ports, no exposed attack surface.

ATF

Accepts connections

aws-east-1

:0 inbound

macbook-pro

:0 inbound

gpu-node-7

:0 inbound

✗ NO INBOUND PORTS

◇

Unified Playground Across Devices

Same agent. Same policy. Different hardware. Test and iterate on any registered device from a single interface.

macbook-pro

aws-east-1

gpu-node-7

◆

research-v2

device/macbook-pro/agent/research-v2

$ Running on macbook-pro

> Model: llama-3.2-3b (local)

> Executing tool: web_search

> Tokens: 847 · Latency: 3.2s

✓ Receipt signed by device identity

The Platform

Infrastructure-grade.

Security

Identity & Trust

Every agent carries a cryptographic identity certificate. Zero-trust architecture across every node. Your infrastructure, your perimeter.

Observability

Verifiable Execution

Every state change captured. Signed execution receipts. Agents monitored like humans and legacy systems — not black boxes.

Execution

Policy-Controlled Dispatch

Dispatch across cloud, on-prem, and edge. Policy enforcement decides what runs where. Model-agnostic and framework-agnostic.

Built For

Who this is for.

ATF is infrastructure for teams that need to control where intelligence executes.

Regulated Industries

Keep financial review agents on approved GPU clusters. Run healthcare summarization inside your data center. Data residency enforced, not assumed.

Enterprise IT

Bring policy and audit trails to the agents already running inside your perimeter. One layer across every model and framework, zero vendor lock-in.

AI Platform Teams

Turn shadow agent deployments into a managed fleet. Visibility, policy, and audit trails across every device.

Data-Sensitive Organizations

Guarantee which geography and which hardware processes your data. Deploy edge inference in regulated field environments.

The Demo

Select device. Run agent. Prove it.

atf agent run research-v2 --device macbook-pro

Dispatching to device: macbook-pro

Model: llama-3.2-3b (local) · Tools: web_search, file_read, code_exec

——————————————————————————————

✓ Execution complete · 3.2s · 847 tokens

✓ Receipt signed by device identity · sha256:a8f3c...e91d2

Control where intelligence executes.

See ATF bring identity, policy, and audit trails to agents running across cloud, on-prem, and edge.

Book a Demo

Run AI Agents Anywhere.Prove It.

Four steps. Full control.

Register Devices

Enforce Policy

Execute Anywhere

Audit & Prove

Agents are everywhere.Governance is not.

Shadow Agent Sprawl

No Device Identity

No Execution Policy

No Audit Trail

The missing layer.

Device-Level Execution Routing

Identity-Bound Audit Receipts

Execution Receipt

Outbound-Only Runner Connectivity

Unified Playground Across Devices

research-v2

Infrastructure-grade.

Identity & Trust

Verifiable Execution

Policy-Controlled Dispatch

Who this is for.

Regulated Industries

Enterprise IT

AI Platform Teams

Data-Sensitive Organizations

Select device. Run agent. Prove it.

Control where intelligence executes.

Run AI Agents Anywhere.
Prove It.

Agents are everywhere.
Governance is not.