The safety contract is the product.
Axiom is an approval-only platform. Six guarantees keep the cockpit safe even when the agents disagree.
approval_only_no_execution
Every action becomes a packet for human review. Axiom never auto-applies, never auto-rolls-back. The IaC pipeline picks up approved rows through real change control.
Closed unions end-to-end
Agent roles, message kinds, severities, trigger types — every dimension is a closed-union TypeScript type. Hallucinated values break the build, never reach prod.
sha-256 rationale rows
Every decision the council reaches is hash-stamped over a canonical-key-sorted JSON body. Auditors verify by recomputing the hash — no trust required.
Free AI providers only
Nine providers in a deterministic fallback chain. No paid OpenAI / Anthropic dependency. Mock provider is always last so the platform never hard-fails on missing keys.
Prompt-free + secret-free logging
Usage logger records provider / model / latency / status — never prompts, never tokens, never response bodies. Safe to share with anyone in the org.
Tiered boundary gate
Six blast-radius classes (read_only → data_plane). data_plane + org_scoped require ALL approver roles (strict mode). One slip can't ship.
Compliance roster
Live status of the audit frameworks Axiom maps to. No vendor-supplied stamps — every row links to evidence the cockpit produces.
controls mapped, evidence stream live; auditor onboarding underway
DSR workflow tracker with 30/60-day deadlines + per-system status
deterministic compliance packet with sha-256 integrity hash
GDPR-shaped tenant data export builder
data-plane boundary already strict-all-roles; BAA workflow on roadmap
controls inventoried via the platform validation matrix
Want the live evidence?
The compliance packet endpoint produces a deterministic, hash-stamped JSON document covering the last N days of platform activity.
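One way an auditor could recompute the hash on a rationale row or compliance packet, as an added example that is not Axiom's own code. The canonical form (keys sorted at every level, no whitespace) and the row field names are assumptions, since the page does not specify them.

```typescript
import { createHash } from "node:crypto";

type Json = null | boolean | number | string | Json[] | { [key: string]: Json };

// Assumed canonical form: object keys sorted (UTF-16 code-unit order) at
// every nesting level, no whitespace, array order preserved.
function canonicalize(value: Json): string {
  if (value === null || typeof value !== "object") {
    if (typeof value === "number" && !Number.isFinite(value)) {
      throw new Error("NaN/Infinity have no JSON form; refuse to hash them");
    }
    return JSON.stringify(value);
  }
  if (Array.isArray(value)) {
    return "[" + value.map((v) => canonicalize(v)).join(",") + "]";
  }
  const obj = value as { [key: string]: Json };
  const members = Object.keys(obj)
    .sort()
    .map((k) => JSON.stringify(k) + ":" + canonicalize(obj[k] as Json));
  return "{" + members.join(",") + "}";
}

function hashBody(body: Json): string {
  return createHash("sha256").update(canonicalize(body), "utf8").digest("hex");
}

// Auditor-side check: recompute from the body, compare with the stored stamp.
function verifyRow(row: { body: Json; sha256: string }): boolean {
  return hashBody(row.body) === row.sha256;
}

// Constructed sample row; the field names are hypothetical.
const sampleBody: Json = {
  decision: "approve", severity: "high", votes: { sre: "yes", security: "yes" },
};
const storedRow = { body: sampleBody, sha256: hashBody(sampleBody) };

// Same content, different key insertion order: the hash must not change.
const reordered: Json = {
  votes: { security: "yes", sre: "yes" }, severity: "high", decision: "approve",
};

// One field altered after stamping: verification must fail.
const tamperedBody: Json = {
  decision: "approve", severity: "low", votes: { sre: "yes", security: "yes" },
};
const tamperedRow = { body: tamperedBody, sha256: storedRow.sha256 };
```

A recomputed hash only shows that the body matches its stamp; it says nothing about who produced the stamp unless the hash itself is signed or anchored somewhere the writer cannot modify.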