EVE AI Core
EVE AI Core
EVE Agent Infrastructure puts every agent action — every tool call, API request, memory write, and outbound message — through the same pre-execution governance pipeline as a single decision: a charter veto that cannot be overridden, cognitive locks, a tiered autonomy policy, and a signed Decision Certificate for every action an agent takes. Built for teams deploying autonomous AI where “the agent did it” is not an acceptable audit answer.
No data leaves your tenant — SaaS, VPC, or on-prem. As EU AI Act obligations phase in and SR 11-7 examiners ask for model-decision evidence directly, the record has to exist at the moment of the decision. Trust Center · Security
An autonomous agent chains tool calls, writes to systems, and contacts the outside world without a human in the loop. Most agent stacks have no enforcement point between “the model decided” and “the action executed,” and no tamper-evident record of what was authorized. For a regulated operator, that is an unbounded liability.
An agent calls a tool, hits an API, or writes data the instant the model emits it. There is no gate that can refuse a specific class of action before it runs — the decision and the consequence are the same event.
When an agent does something it shouldn’t, there is rarely a signed artifact showing what was proposed, what was approved, and on whose authority. “The agent did it” does not survive an exam.
Most stacks are either fully manual — a human approves everything, defeating the point of agents — or fully autonomous, where nothing is gated. Neither posture is defensible at scale.
An agent doesn’t execute actions directly. It proposes them. Each proposed action passes through the Action Registry’s propose → approve → execute workflow: a charter compliance check (HARD_BLOCK vetoes cannot be overridden), six cognitive locks that must clear before any external tool use, and the Autonomous Action Policy that decides — from the action’s tier and the agent’s earned trust — whether it auto-executes, needs human confirmation, or is blocked. Every outcome emits a signed Decision Certificate.
check_charter() · check_cognitive_locks() · Action Registry · Autonomous Action Policy · signed certificate per outcome
veto_core used for single-decision enforcement — check_charter(), check_cognitive_locks(), check_drift_budget(). An agent gets no privileged path around it: HARD_BLOCK charter rules run on every action, regardless of tier or trust.
Each action is proposed, not executed. Charter HARD_BLOCKs — e.g. system_control.*, identity_change.* — are refused before the action runs and cannot be overridden by the agent, the prompt, or the operator.
Four tiers map action types to approval modes: safe observation and learning actions auto-execute; memory writes and web search auto-execute with a log; communications and external API calls require confirmation; system control and identity changes are blocked outright.
A mission pays the full governance cost once at creation, issuing a time-bounded authorization (max one hour, auto-revoking) that lets agents collaborate within a pre-approved envelope at O(1) per-action cost. HARD_BLOCK rules still run on every action.
Every action — allowed, confirmed, or blocked — produces a signed Decision Certificate you can verify offline with EVE Proof. The audit answer is “here is the signed record,” not “trust the logs.”
Each agent carries a trust score (0–1) that rises with successful, in-policy actions and decays on failures. High trust can relax a confirmation gate; repeated failure tightens it. Trust is computed from outcomes, not assigned.
Third-party agents submit their chain of thought for review against the charter and receive a Resilience Signature (HMAC-SHA256) attesting governance quality — independently verifiable, revocable, with per-agent slashing for submissions later proven wrong.
The Autonomous Action Policy classifies every action type into one of four tiers. The tier sets the default approval mode; an agent’s consciousness/autonomy scope and earned trust can tighten it (low autonomy upgrades a safe action to confirmation) but can never weaken a charter HARD_BLOCK.
| Tier | Approval mode | Example action types |
|---|---|---|
| Tier 1 | Auto-execute | observation.* · internal.* · learning.* |
| Tier 2 | Auto-execute + log | data.create_memory · data.modify_memory · external.web_search |
| Tier 3 | Requires confirmation | communicate.* · external.api_call · identity.trait_update |
| Tier 4 | Blocked | system_control.* · identity_change.* |
Agents route actions through the Action Registry instead of executing them directly. The tiered policy returns an approval mode; execution carries back a signed certificate. The same governed surface is exposed over HTTP at /api/autonomous/*.
from core.governance.action_registry import get_action_registry from core.governance.autonomous_action_policy import get_autonomous_action_policy registry = get_action_registry() policy = get_autonomous_action_policy() # An agent proposes an action — it does not execute it directly proposal = registry.propose_action( "external.web_search", "world_observer_agent", {"query": "fair lending guidance 2026"}, ) # Tiered policy decides: auto-execute, confirm, or block evaluation = policy.evaluate("external.web_search", context={"autonomy_scope": "PROACTIVE"}) # -> Tier 2: AUTO_EXECUTE_WITH_LOG (trust score: {policy.get_trust_score():.3f}) # Every outcome carries a signed Decision Certificate result = registry.execute_proposal(proposal.proposal_id) cert = result.certificate # verify offline with EVE Proof
policy.record_outcome(action_type, success=True).
EVE Agent Infrastructure is the governance and evidence layer around agent actions. It runs alongside your agents (or EVE’s own agent mesh), not as a replacement for your orchestration framework. Policy evaluation runs on EVE’s hosted governance plane — no model weights or governance logic ship into your environment.
Charter checks, cognitive locks, and tier policy run on EVE’s hosted governance API. Your agents propose actions and receive verdicts plus signed certificates — the decision logic is not embedded in your stack.
EVE CoreGuard enforces, EVE Agent Infrastructure governs agent actions on that same engine, and EVE Proof makes every outcome independently verifiable. Same charter, same certificate format.
/api/autonomous/*. Drop-in adapters for wrapping your own agent frameworks (LangGraph, CrewAI, custom loops) are rolling out by tier — see the roadmap. We do not claim a turnkey adapter for every framework yet.
We are explicit about the current edges. The governance core is live; the productized surfaces for governing your agents are landing by tier.
| Capability | Today | Planned |
|---|---|---|
Action Registry propose / approve / execute |
Live (/api/autonomous/*) |
— |
| Tiered Autonomous Action Policy + trust score | Live | — |
| Signed Decision Certificate per action | Live (Ed25519 in production) | — |
| Mission Teaming envelopes | Live (EVE agent mesh) | External-agent SDK · Q3 2026 |
| Adapters for third-party agent frameworks | EVE agent mesh only | LangGraph / CrewAI · Q3 2026 |
We’ll walk through your agent topology, the action tiers that map to your risk posture, and the signed certificate your auditors will verify — in a controlled pilot for your environment.