Onboarding
From "I want to govern my AI agents" to governed agents — in hours, not weeks.
How It Works
You provide context about your organization. GaaS builds a governance membrane around your agents. You validate it through conversation and scenario testing, then deploy in shadow mode before going live.
You never configure a rules engine. You never write YAML. You provide context, and the system builds protection.
The Onboarding Flow
Context Intake
Provide a URL, upload documents, describe your business, list your agents — or any combination. More context produces a better membrane, but a URL alone is enough to start.
Membrane Generation
GaaS analyzes your context and composes a complete governance configuration: policies, risk thresholds, agent delegation limits, enrichment sources, deliberation panel, and escalation chains.
Conversational Validation
A validation agent walks you through what it built. Ask "what if" questions, probe edge cases, correct anything it got wrong. The membrane updates in real time as you refine it.
Shadow Mode
The full governance pipeline runs on real agent actions, but decisions are not enforced. You see what GaaS would have done — approve, modify, block, escalate — without any impact on your operations.
Go Live
When you're confident, flip to live mode. Governance decisions are enforced. You can revert to shadow mode at any time.
Context Intake
The intake system accepts multiple types of input. Each is analyzed by a specialized processor:
- URLs — your website and API docs are crawled to infer industry, data types, jurisdictions, and integrations
- Documents — compliance handbooks, agent architecture docs, internal policies (PDF, DOCX, MD, and more)
- Description — free-text description of your organization and what your agents do
- Agent inventory — the agents you want governed, their capabilities, and their integrations
Everything feeds into a Unified Context Model — a structured representation of your organization that drives membrane generation.
The Governance Membrane
The membrane is your complete governance configuration. It includes:
- A policy graph spanning universal safety policies through domain-specific and organization-specific rules
- Per-agent governance profiles with delegation limits and action permissions
- Context enrichment configuration — which data sources to consult for each agent
- Deliberation panel composition tuned to your domain
- Risk thresholds calibrated to your regulatory environment and risk appetite
- Escalation chains with roles, timeouts, and notification preferences
POST /v1/onboarding/quickstart endpoint — a single call that runs intake, analysis, and membrane generation, then drops you straight into shadow mode with an API key.
Shadow Mode
No governance system should go from zero to enforcement without a trial period. In shadow mode, GaaS evaluates every agent action through the full pipeline but never blocks, modifies, or escalates.
You review what would have happened. Mark false positives. The membrane is refined based on your feedback. When you're ready, activate live mode with a single call.
Critical Shadow Alerts
If GaaS detects an action in shadow mode that would be a critical block in live — for example, sensitive data on an unsecured channel — it breaks silence and alerts you immediately. Safety doesn't wait for the shadow period to end.
Membrane Lifecycle
The membrane moves through defined states: DRAFT → SHADOW → LIVE. You can revert from live to shadow at any time. All audit records from both modes are preserved.
Key Endpoints
Single-call onboarding: intake, analyze, generate membrane, issue API key
Submit context for analysis
Retrieve your governance membrane
Check validation readiness score
Activate live governance
Ready to start? See the Getting Started guide for a walkthrough.