Praxel is the vendor-neutral runtime control plane for AI agents — an open-source SDK that wraps Anthropic, OpenAI, or a custom adapter in three lines, then adds cryptographically signed audit logs, policy enforcement, and signed compliance evidence (SOC 2 / HIPAA / EU AI Act report generation shipping in v1.0).
from anthropic import Anthropic client = Anthropic() resp = client.messages.create( model="claude-sonnet-4-5", tools=tools, )
from praxis import Praxis client = Anthropic() agent = Praxis.wrap(client) # → allow · signed:ed25519:b1e4…c09a
Every model call routes through four deterministic stops — intercept, decide, execute, seal — with sub-50ms policy evaluation.
Wrap any client at import time. No agent rewrite, no proxy, no new runtime.
Allow, deny, or escalate to a human — per call, per tool, per cost envelope.
{
"event": "evt_01JKR4V2Q8",
"tool": "send_ach",
"action": "deny",
"proof": "soc2.cc6.1",
"sig": "ed25519:b1e4c09a…"
}Signed, individually verifiable, exported. Your auditor queries the ledger directly.
Composite scenarios drawn from publicly reported AI incidents (2024–2026). Praxel enforcement would have logged, blocked, or escalated each.
A scheduling agent chained lookup_vendor and send_ach and wired funds to a spoofed payee. No human. No audit trail that survived rotation.
A Claude triage agent echoed patient records into a third-party summarizer. Screenshots surfaced in a training set. HHS opened a breach investigation in two weeks.
A three-agent workflow hit a retry loop: planner → executor → search. By the time rate limits tripped, the team had burned $11k and a customer circuit breaker.
86% of production AI agents go live without formal security review
Source: Pragatix AI Agent Security Report, 2026
€35M or 7% EU AI Act max penalty for prohibited practices · enforcement August 2026
Source: EU AI Act Article 99
35% of executives report they cannot stop a rogue agent in real time
Source: Pragatix AI Agent Security Report, 2026
Praxel is built for operators shipping agents into regulated environments. Speed and proof are not mutually exclusive.
Synchronous policy evaluation runs in-process. No sidecar, no proxy hop, no production-latency tax.
Distribute signed policies across fleets. Approvals route to Slack, PagerDuty, or webhooks — with sub-second escalation.
Sample dashboard view
One dashboard across every provider, every tenant, every region. Filter by model, agent, or rule. Export to your SIEM in a click.
Self-host SDK and audit logs in your environment. KMS integration shipping with Enterprise tier.
OpenAI now owns Promptfoo. Microsoft governs Azure. Google will ship its own. The companies building AI agents cannot also be the neutral layer that governs them. Praxel is structurally neutral by design.
MIT open source · vendor-neutral by structure. No frontier lab owns the roadmap.
Ed25519 signed events, individually verifiable, cryptographically timestamped. Merkle chain on the v1.1 roadmap. Tamper-evident by construction.
Every call, every tool, every retry. Not a quarterly snapshot run in your eval pipeline.
Policy-as-code, JSON-configured (OPA bundle support on the v1.1 roadmap). Version-controlled, CI-tested, distributed with a signed git push.
Anthropic, OpenAI, custom adapter. LangChain, CrewAI, OpenAI Agents SDK, and MCP support shipping in v1.1. No rip-and-replace.
SOC 2, HIPAA, EU AI Act, OWASP — mapped, auto-generated, exported to your auditor's dashboard.
One adapter pattern for any provider. Anthropic, OpenAI, and custom adapters supported today. LangChain, CrewAI, OpenAI Agents SDK, and MCP shipping in v1.1.
Promptfoo tests agents before they ship. Microsoft governs agents in Azure. We govern agents in production, across every vendor.
The SDK is MIT, forever. Pay us when you need hosted distribution, BAA, or signed forensic export.
Everything an independent dev needs to govern production agents.
For teams running agents in production across 2+ providers.
Self-hosted, SSO, BAA, dedicated compliance engineer.
If a Praxel-governed agent action is ever flagged as unauditable in your SOC 2 or HIPAA audit, we refund 12 months of fees and pay your auditor up to $25,000 to re-review.
The ones we get most from platform leads, CISOs, and the senior engineer in the room with arms crossed.
Sub-50ms policy evaluation in-process. No sidecar, no proxy hop. Full benchmark suite shipping with v1.0.
Promptfoo tests agents in CI before they ship. Praxel governs them after. Testing is a snapshot. Production is a stream. Also — OpenAI owns Promptfoo now. The neutrality question matters in a regulated environment.
Yes. We wrap at the model-client layer, below LangChain, LlamaIndex, CrewAI, or your own orchestration. If it eventually calls an HTTP model endpoint, Praxel sees it.
Wherever you want. Local filesystem, your S3 bucket, Snowflake, BigQuery, or a WORM archive. We never see your events unless you explicitly enable the hosted plane.
The SDK is in-process. There is no SaaS dependency in the critical path unless you opt into hosted approvals. Policies are cached locally and evaluated offline.
Install the SDK in three lines. Sign every call. Hand your auditor signed event exports instead of screenshots.