PalmerAI

Gateway Aligned

Audit-first AI governance for real-world operations.

A secure gateway that enforces policy, approval, and audit evidence for every AI action -- before it runs.

Download 1-pager (PDF) Coming soon

Approval gates Built-in

Audit trail Always-on

Pilot posture Ready

Live Control Plane

Operator Console

Human approval stays in the loop with redacted prompts and risk triggers.

Compliance Gateway

Service-key auth, denylist enforcement, and real-time policy snapshots.

Proof Pack

Deploy logs, version reconciliation, and immutable evidence bundles.

No prompt storageDesigned to keep raw prompts out of storage by default.

Redaction + approvalsOperator approvals for high-risk / exceptions.

Immutable-ish auditHashes + version hooks for evidence bundles.

Cloudflare WorkersBuilt for edge deployment and isolation.

EU-grade postureGovernance-first design language and controls.

Platform

Zero-trust by default

Every write action is authenticated, rate-limited, and audited before it runs.

Approval-first execution

Human review is required for high-risk operations and policy exceptions.

Live observability

Real-time telemetry, drift detection, and compliance snapshots stay visible.

Sandbox-first changes

Dry-run builds and diff manifests show impact before deployment.

Operator-aligned UX

Interfaces mirror the PalmerAI gateway console for continuity and trust.

Lean + scalable

Minimal components, maximum auditability, ready for enterprise scale.

How it works (in 90 seconds)

Send request to Gateway (standard endpoint / client integration).
Policy evaluation + risk classification (deny/safe/approval_required).
Approval required? -> operator decision with redacted context.
Execute / block based on decision and policy snapshot.
Audit log + Proof Pack bundle (hashes, versions, timestamps).

Built to be deployable in a pilot, but structured for governance-grade operation from day one.

Request Client -> Gateway

Policy Evaluate + risk

Approval Operator gate

Execute Allow / block

Proof Audit + bundle

This keeps high-risk automation reviewable and evidence-backed -- without slowing down safe paths.

Proof

Proof Packs that survive scrutiny.

A compact, redacted evidence bundle with request id, decision, policy version hash, timestamps, and checksum hooks. Enough to explain and verify what happened -- without leaking raw prompt content.

Security

Data minimization Default posture avoids raw prompt storage; focus is on decisions + evidence metadata.

Operator controls High-risk actions require explicit approval -- with audit context and timestamps.

Governance-ready logging Policy versioning + hash hooks support incident reviews and compliance reporting.

No cookies by default. No tracking. This page stores nothing locally beyond normal browser operation.

Field	Value (redacted)
Request ID	req_9f3c...a12b
Decision	approval_required
Policy version hash	pol_7b2e...d91f
Timestamp (UTC)	2026-01-14T16:42:19Z
Evidence bundle checksum	sha256: 3c8a...f11e