Control before action.
Proof after.

Stipul is an open-source runtime authorization and audit layer for AI agents. It enforces policy before tool execution, records every decision, and produces cryptographic proof you can verify.

>_ Get Started in 60 Seconds GitHub  View on GitHub
>_ Terminal
$ pipx install stipul
$ stipul demo proof

# Run the demo. See control. Verify the proof.

Why Stipul

Least-Privilege Enforcement

Agents can only take actions explicitly authorized by policy. Stipul enforces the rules before anything happens.

Tamper-Evident Evidence

Every decision is recorded in the Chronicle and cryptographically sealed. You get evidence you can trust.

Verifiable by Anyone

Verify locally, offline, anytime. Tamper with evidence and trust is instantly rejected.

How It Works

The Charter defines policy. Writ enforces it before execution. Chronicle records the decision. Seal verifies the evidence.

Charter

Policy Engine

Defines what agents can and cannot do. Deterministic. Auditable. Clear.

Writ

Enforcement Proxy

Interposes on agent actions and enforces policy in real time.

Chronicle

Evidence Store

Records every decision with full context for a complete audit trail.

Seal

Cryptographic Attestation

Produces a cryptographic seal so anyone can verify integrity and authenticity.

See It For Yourself

Run the demo. Break the evidence. Verify the result.

Original Evidence Trust: VERIFIED

Session: 8f3c2a1e-9b3d-4f2e-8d1c-5e7a9c2b4d1f

9d7e2f3b6c6a1d4f2e7b9c3a5d1e6f7a8b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7
After Tamper Trust: REJECTED

2a6b9c4d1e3f8a7b5c2d9e6f1a3b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b

Open-source. Local-first. Built for trust.

Stipul helps you build and run agents that are safe, accountable, and provably correct.

GitHub PyPI Docs