
OntoGuard is a bounded executable layer at the release seam. It supports controlled event-level no-bind proof today, and production L5 requires route integration evidence, endpoint enforcement, replay records, and outcome closure. See Execution-Boundary Proof. Last updated: July 8, 2026.
OntoGuard is a semantic control plane for runtime authorization of proposed AI-driven state transitions. It decides whether high-stakes AI output, tool action, workflow movement, or release event may move, must be blocked, or should be routed to human review before consequence.
ALLOW, BLOCK, or ESCALATE high-stakes AI outputs before release.
Generate proof packets with evidence, route proof, replay, no-bind receipts, and audit hashes.
Send uncertain, risky, or unsupported outputs to human review instead of silent release.
Turn governed decisions and reviewer outcomes into runtime-safe learning-signal candidates.
OntoGuard proves what the AI attempted to move — and whether that movement was allowed to bind the enterprise.
OntoGuard does not only score an AI output. It records proposed movement, control point, failed condition, refused operation, release-control status, and whether any protected downstream effect formed. When autonomous release is withheld, OntoGuard produces a no-bind receipt showing that no protected downstream effect formed and that the proposed movement was routed, blocked, or escalated before consequence.
AI output, tool call, workflow trigger, memory write, recommendation, or release event attempted to become business consequence.
OntoGuard evaluated the proposed movement before release, commit, or downstream effect.
Autonomous release can be withheld, blocked, or routed to human review with reason codes.
The packet records whether a protected downstream effect formed and binds the result to receipt / manifest hashes.
A proposed AI output can be coherent and still not be admissible to move. OntoGuard evaluates whether the proposed transition has enough semantic, evidentiary, institutional, route, constraint, and human-review authority to become business consequence.
OntoGuard does not merely route uncertainty to a human queue. A mature production route should show whether the reviewer was assigned, qualified, authorized, completed review, used override authority, and closed the outcome. Current scans can mark reviewer closure as pending when that evidence is not yet attached.
Every governed decision or batch can be exported as a portable proof package that can be reviewed without rerunning OntoGuard.
OntoGuard packages governed decisions into a strict-six artifact set: buyer-portable JSON, full-audit JSON, governance PDF, sellable-lite PDF, decision receipt, and artifact manifest. The package binds governed input/output, Decision API result, evidence, trace, receipt, and manifest into a portable audit credential.
buyer_portable.governance.json
full_audit.governance.json
governance.pdf
governance.sellable_lite.pdf
decision_receipt.json
artifact_manifest.json
Choose a lightweight first step. No internal documents, production deployment, or model retraining are required to begin.
Best for: AI governance, risk, compliance, and product teams that want a fast first read.
Input: 10–25 representative prompts, responses, API logs, or demo outputs.
Output: risk map, review-burden view, autonomy-readiness tier, and selected proof packets.
Run Risk ScanBest for: vendors selling into regulated or high-trust enterprises.
Input: demo outputs or product workflow examples.
Output: enterprise-grade proof pack with decision, evidence, review routing, and boundary proof.
Request Demo Proof PackBest for: teams paying experts to review every AI output manually.
Input: review queues, output samples, or escalation examples.
Output: reason-coded routing and reviewer-effort reduction opportunities.
See Review CompressionStart with representative outputs and expand into runtime authorization, review compression, improvement signals, and customer-specific route evidence without claiming production L5 before integration proof exists.
Inputs: prompts, responses, logs, intended action labels, and workflow labels.
Outputs: risk segmentation, ALLOW/BLOCK/ESCALATE distribution, review-burden analysis, uncertainty and hallucination signals, ROI baseline fields, and selected sample packets.
For vertical AI vendors and partner sales. Converts demo outputs into enterprise-grade Decision Authorization Packets that buyers can inspect.
Routes only outputs that need expert judgment, with reason codes, reviewer context, and review-burden metrics.
Backend API returning ALLOW, BLOCK, or ESCALATE with evidence, trace ID, release-control status, and reason codes.
Review-gated learning candidates, retrieval improvements, repair signals, and gold-example candidates. No live model mutation or model-weight update is claimed.
Customer-specific route inventory, endpoint checks, token enforcement, replay, fail-closed proof, and outcome closure.
OntoGuard is built for teams whose AI outputs, actions, or workflow movements can become regulated, costly, or customer-facing business consequence.
Claims, prior authorization, compliance, legal/finance AI, and customer-service AI.
Turn your demo into buyer-portable proof.Claims, underwriting, fraud, and customer communications.
Reduce review burden and prove which AI outputs can move.Prior authorization, claims, and member communications.
Govern high-impact administrative outputs before they affect members or reviewers.AI governance, compliance, model risk, and agentic AI governance.
Add authorization proof before AI output becomes regulated action.Global and boutique AI integrators implementing regulated workflows.
Embed a proof layer into AI workflow deployments.Teams that monitor and test AI behavior but need release authorization proof.
Add runtime Decision Authorization and proof packets where monitoring and evals stop.For scans, demos, and pilot corridors: one aggregate proof packet across multiple governed cases.
OntoGuard can generate an aggregate Decision Authorization Packet for multiple prompts, outputs, or corridor cases. The batch packet rolls up case-level decisions into aggregate ALLOW / BLOCK / ESCALATE, preserves per-case hashes, points into full_audit, and exports one strict-six governance package for the batch.
If any case blocks, the batch blocks. Else if any case escalates, the batch escalates. Only all-clear cases can aggregate to ALLOW.
Each case has a hash, decision result, and pointer into full_audit.
Batch summary, telemetry digest, execution-boundary summary, no-bind summary, trace coupling, evidence geodesic, observer views, and governance path ensemble.
Use for AI Output Risk Scans, vertical AI vendor demo proof packs, and controlled pilot corridors.
Get a representative risk review, proof gaps, and selected Decision Authorization Packets.
Run Risk ScanTurn your demo into enterprise proof that buyers can inspect before a pilot.
Request Demo Proof PackFind which AI outputs need expert attention and why reviewers are spending time.
See Review CompressionInspect the public proof kit, runtime seam, packet anatomy, and capability boundary.
Inspect Proof LibrarySend 10–25 representative AI prompts, responses, or API logs. OntoGuard identifies risk, uncertainty, review burden, autonomy readiness, and proof gaps, then generates full Decision Authorization Packets for selected high-risk or representative outputs.
Move from representative scan to selected packets to route-design evidence without claiming production L5 before the customer route exists.
Watch how OntoGuard evaluates a proposed AI output before release, routes uncertainty, and creates a buyer-readable proof packet without needing internal documents or production deployment to start.
Start with the fastest proof assets: video, sanitized financial-services case, boundary proof kit, strict-six audit credential, Batch DAP, pilot path, procurement readiness, and the technical appendix.
Watch OntoGuard govern an AI output before release and produce proof.
Watch product videoSanitized proof case showing Decision Authorization for a regulated-output scenario.
Open proof casePublic sanitized proof kit with buyer JSON, PDFs, receipt, manifest, and proof artifacts.
Inspect proof kitBuyer-portable and machine-readable strict-six package for offline verification.
See strict-six packageBatch Decision Authorization Packet view for representative case corridors.
See Batch DAPMove from scan to packets to routing design without claiming production L5 too early.
View pilot pathDeployment modes, data handling, enterprise controls, and NDA packet request.
Review readinessDeep technical record for auditors, security teams, and strategic diligence.
Open appendixInspect the public proof surface, runtime decision artifacts, execution-boundary evidence, no-bind receipts, strict-six audit credentials, Batch DAP / Controlled Corridor Mode, and the production route evidence still required for customer-specific L5 route completeness.
PDF / JSON export, schema-valid packet, confidence tier, trust score, Cold / Heat / Mercury triad, hallucination taxonomy, benchmark status, policy status, evidence gaps, and explicit abstention or human-review route where needed.
Open Proof Harness detailShows which unknowns, evidence disagreements, and routing rules mattered to ALLOW / BLOCK / ESCALATE without exposing protected formulas.
Review uncertainty provenanceSanitized proof case for a regulated financial-services AI output: no customer data, no protected implementation details, and no production L5 non-bypassability claim.
Open sanitized proof caseOntoGuard decides whether high-stakes AI output may move, must be held, must be blocked, or should be routed to human review — then exports a portable proof packet.
The proof surface preserves Decision API result, execution-boundary trace, no-bind receipt, route maturity, replay, pressure tests, hashes, strict-six artifacts, Batch DAP surfaces, selected semantic projection fields, and production-evidence limitations.
AI output behavior review, runtime Decision Authorization, selected Decision Authorization Packets, execution-boundary trace, no-bind receipt, controlled event-level route proof, strict-six offline audit credentials, Batch DAP / Controlled Corridor Mode, and runtime-safe improvement-signal export.
See Batch DAPProduction L5 route completeness, real downstream endpoint token checks, production non-bypassability, customer-specific tool-call authorization, memory-write control, policy authority closure, and multi-agent handoff enforcement require pilot or production topology evidence.
OntoGuard does not publicly claim production L5 non-bypassability, real endpoint enforcement, full autonomous agent enforcement, live model-weight mutation, hard-dollar ROI without buyer baselines, or disclosure of protected routing, scoring, BM25, ontology, citation, or runtime internals.
A public sanitized proof surface showing a synthetic high-stakes AI output evaluated before release, escalated, withheld, and exported as portable proof.
Buyer-readable proof packet showing the governed decision, escalation outcome, evidence posture, and review routing.
Download PDFMachine-readable packet for decision state, routing, evidence posture, route proof, and audit fields.
Download Buyer JSONCompact receipt showing decision outcome, release status, routed-to value, and public-safe trace identifiers.
Download Receipt JSONPlain-language summary of what OntoGuard evaluates, what it allows, blocks, escalates, and what protected internals are not disclosed.
Download Layer FactsPublic-safe summary of the controlled proof package without protected runtime internals.
Download Full Audit SummarySanitized machine-readable packet for inspecting decision state, routing, evidence posture, and audit fields.
Download Buyer JSONBuyer-readable proof packet showing the governed decision, escalation outcome, evidence posture, and review routing.
Download PDFCompact receipt showing decision outcome, release status, routed-to value, and public-safe trace identifiers.
Download Receipt JSONPublic-safe manifest describing the artifacts included in the proof kit and their purpose.
Download ManifestDecision receipt proving release was withheld and a protected downstream effect did not form.
Download Decision ReceiptPublic-safe summary of attempted movement, gate invocation, refused operation, and no-bind status.
Download Runtime-Seam JSONControlled route maturity summary for L4 route-enforcement evidence without production L5 overclaiming.
Download Runtime-Seam JSONPublic-safe summary of the selected semantic projection and decision-admissibility posture.
Download Semantic Projection JSONSanitized package-level artifact showing how OntoGuard bundles governed outputs into portable proof.
Download Governance ZIPPlain-language support document for the proof kit.
Download Layer FactsSynthetic public demo only. For deeper diligence, OntoGuard can provide private packet artifacts, integration materials, and technical briefings under NDA.
OntoGuard is not only a scoring dashboard. It records the proposed movement, release-control status, no-bind receipt, protected downstream effect status, replay records, and route maturity before business consequence.
Plain English: this shows whether the AI movement was allowed to create a downstream effect.
| Proof Question | Packet Evidence |
|---|---|
| What movement attempted to advance? | AI output / proposed state transition moving toward downstream release |
| Was OntoGuard invoked before release? | Yes — controlled pre-release gate |
| What condition failed? | Release was not authorized; human review required |
| What operation was refused? | Autonomous output release |
| Was an authorization token issued? | No |
| Did downstream commit occur? | No |
| Did a protected effect form? | No |
| What receipt proves no-bind? | No-bind receipt with hashes and route references |
| Was same-condition replay shown? | Yes, replay passed |
| Was changed-condition replay shown? | Yes / controlled fixture passed |
| Were route pressure tests included? | Yes |
| Was bypass prevention tested? | Yes, in controlled harness |
| What route maturity is claimed? | Event-level / controlled no-bind proof today; production L5 requires route integration evidence |
| Is production L5 claimed? | No |
The Decision Authorization Packet is the portable proof artifact produced by OntoGuard. It is both buyer-readable and machine-readable, and it can appear as a single-run packet or a batch/corridor packet with strict-six packaging.
Plain English: this shows what the PDF and JSON preserve for audit and diligence.
OntoGuard does not only calculate uncertainty. It explains which uncertainty matters to the release decision, which threshold or routing rule affected the outcome, what evidence was visible at decision time, what blind spots remained, and what human judgment must resolve.
OntoGuard currently proves event-level no-bind proof and controlled route behavior: the proposed movement maps to a route, the gate is invoked before release, authorization is required, refusal is recorded, replay is captured, and no protected effect forms when release is not authorized.
Plain English: this shows what is proven today and what must be proven in a real production route.
| Capability | Current Status | Claim Allowed |
|---|---|---|
| AI output behavior assessment | Available today | Yes |
| Decision Authorization Packet | Available today | Yes |
| ALLOW / BLOCK / ESCALATE Decision API | Available today for governed LLM outputs | Yes |
| Controlled execution-boundary proof | Available today | Yes |
| No-bind receipt | Available today for BLOCK / ESCALATE-style outcomes | Yes |
| Same-condition replay | Available in controlled proof package | Yes |
| Changed-condition replay | Available as controlled fixture / explicit changed-condition proof | Yes |
| Route pressure tests | Available in controlled harness | Yes |
| Bypass prevention evidence | Available in controlled harness | Yes |
| Controlled non-bypassability | Asserted only for controlled harness topology | Yes, with limitation |
| Production L5 non-bypassability | Requires pilot / production topology evidence | No |
| Tool-call / memory-write production enforcement | Requires customer-specific integration | Roadmap / integration path |
| Live fine-tuning / model-weight updates | Not performed at runtime | No |
| Training-signal export | Runtime-safe export available | Yes |
Enterprise buyers can evaluate OntoGuard as a shadow-mode reviewer, async auditor, inline gateway, or VPC / on-prem deployment where applicable. Security claims are provided under diligence; no unsupported certification claim is made here.
Shadow-mode scan, async auditor, inline gateway, and VPC / on-prem where applicable.
Prompts, responses, logs, PII redaction controls, retention and deletion policy, and what is not stored.
Audit logging, access control, model/provider independence, and security review evidence.
Decision API, DAP export, evidence manifests, and proof-kit artifacts.
OntoGuard does not need your legal files, policy manuals, claims folders, contracts, or internal procedures to deliver first value. Send the AI outputs your system already produces. OntoGuard analyzes the behavior itself.
Detect unsafe recommendations, customer-impacting language, unsupported claims, and outputs that should not move forward without review.
Find outputs that sound certain when uncertainty, escalation, evidence gaps, or human judgment should be preserved.
Route only the outputs that need expert attention, with reason codes and reviewer context.
Classify workflows by readiness: draft only, recommend with review, release low-risk outputs, escalate sensitive outputs, or block unsafe outputs.
Identify avoidable review volume, repeated escalation patterns, and outputs that can be handled through lighter review paths.
Turn governed outputs into clean learning signals: good examples, blocked examples, escalation examples, rewrites, and reviewer-labeled outcomes.
OntoGuard analyzes AI behavior from outputs, logs, and proposed actions — then turns that behavior into operational intelligence.
OntoGuard does not eliminate domain experts. It reduces when and how they are needed.
Instead of asking experts to review every AI output from scratch, OntoGuard packages the decision, evidence, gaps, uncertainty, policy scope, and reason codes into a reviewable packet. The human reviewer becomes an exception authority, not a full-time AI babysitter.
The goal is not “no humans.” The goal is fewer blind reviews, faster escalation, clearer accountability, and better use of expensive expertise.
In a pilot, OntoGuard measures escalation rate, average review minutes, reviewer role, false-approval reduction, and cycle-time impact so the cost of human review becomes visible instead of assumed.
Read the packet as a release decision, not as a standalone percentage. The score contributes to the decision; it does not replace evidence, policy scope, benchmark status, or human accountability.
OntoGuard can start as a lightweight output scan and expand into Decision Authorization Packets, controlled boundary proof, human-review compression, runtime-safe training-signal export, and production route evidence pilots.
Analyze 10–25 representative prompts, responses, or logs to identify risk, uncertainty, overconfidence, inconsistency, review burden, autonomy readiness, and training-signal candidates, with larger scans available through Batch DAP / Controlled Corridor Mode.
Convert a demo output into an enterprise-grade Decision Authorization Packet with controlled execution-boundary proof, no-bind receipt, route maturity label, semantic projection, decision admissibility, and L3 improvement signals.
Portable PDF and JSON proof artifact showing what the AI attempted, what OntoGuard decided, what was refused or authorized, whether downstream effect formed, what route evidence exists, what replay shows, and what human or production evidence remains open.
The controlled proof package is useful before production deployment because it lets buyers inspect the seam: movement evaluated, gate invoked, condition failed, operation refused, no protected effect formed, receipt generated, replay shown, and route completeness honestly labeled.
Identify which outputs need expert judgment, why they need review, what evidence the reviewer should inspect, and how the reviewer outcome can become a governed improvement signal.
Runtime API that returns ALLOW, BLOCK, or ESCALATE with release status, routed_to, business effect, reason codes, evidence references, audit identifiers, and optional controlled boundary proof metadata.
Runtime-safe export of governed decisions into review-gated learning candidates. Does not perform live training or mutate model behavior.
The production pilot package is the path from event-level no-bind proof to production L5 route completeness. It attaches real route inventory, downstream endpoint behavior, token validation logs, bypass-attempt logs, reviewer closure, and outcome records.
Integration path for tool calls, memory writes, ontology changes, policy mappings, and multi-agent handoffs. Current proof is strongest for governed LLM output release; production enforcement for agentic routes requires customer-specific integration.
OntoGuard is not only an audit story. It produces measured run values that can be mapped to hard-dollar ROI once the buyer supplies baseline assumptions.
OntoGuard provides measured_run_values: allow/block/escalate counts, withheld releases, evidence packets, human-review tasks, audit artifacts, and review-burden signals. Hard-dollar ROI remains baseline-required: buyers supply review minutes, monthly volume, fully-loaded review cost, incident rates, average loss, cycle time, or cash assumptions. OntoGuard then maps the measured run into Opex Takeout, Loss Prevention, and Working Capital buckets.
OntoGuard can compare governed outputs across time, model versions, workflow types, and review outcomes to identify changes in risk, uncertainty, route posture, review burden, and autonomy readiness.
Most ontology work stops at knowledge representation. OntoGuard takes ontology into runtime: it grounds every AI proposal in enterprise objects, relationships, policies, and evidence, then uses that semantic layer to authorize, block, or escalate the proposed state transition — with full traceability and learning feedback.
This is what makes OntoGuard different: ontology becomes the active reasoning and authorization layer, not just a static data model.
The fast homepage stays concise. The appendix preserves platform architecture, ontology, BM25/evidence retrieval, proof invariants, route maturity, roadmap, and visual diligence.
Yes. The first review can start with representative prompts, responses, API logs, intended action labels, workflow labels, or demo outputs. No internal legal files, policy manuals, production deployment, or model retraining are required to begin.
OntoGuard is a semantic control plane and Decision Authorization Infrastructure. Compliance readiness is one use case; the broader product governs whether high-stakes AI output is allowed to move, must be blocked, or should be routed to human review.
Run an AI Output Risk Scan with 10–25 representative outputs or logs. OntoGuard returns risk, uncertainty, review-burden, autonomy-readiness, and selected proof-packet findings.
You receive a behavior risk map, review-burden analysis, autonomy-readiness view, training-signal candidates, and selected Decision Authorization Packets for high-risk or representative outputs.
No. Initial reviews can run in shadow mode from exported prompts, responses, logs, and workflow labels. Production route integration is only needed for production L5 evidence; see the Capability Boundary.
OntoGuard can produce a controlled Decision Authorization Packet proving that an AI output or proposed state transition was evaluated before release, release was authorized or withheld, refused operation and no-bind status were recorded, replay was shown, route pressure tests ran, and controlled route-enforcement evidence was attached. See the Runtime-Seam Proof and Public Boundary Proof Kit.
Not without production integration evidence. OntoGuard can assert controlled-harness non-bypassability for the controlled proof topology. Production non-bypassability requires a pilot or production route where the real downstream endpoint cannot commit without OntoGuard authorization.
A no-bind receipt is a compact proof record showing that a blocked or escalated output did not form the protected downstream effect. It binds the attempted movement, Decision API result, release authorization state, refused operation, downstream commit status, protected-effect status, trace ID, manifest hash, and evidence hash.
Route completeness describes how much proof exists around a governed AI movement: event governed, no-bind proof, route registered, route tested, route enforced, or route complete. The current proof package supports controlled event-level route proof. Production L5 requires real production topology evidence; see the L1 to L5 progression.
Not in the runtime path. OntoGuard exports review-gated training-signal candidates and improvement signals. It does not perform live fine-tuning, model-weight updates, DPO, RLAIF, PPO, or adapter loading during governance.
A Decision Authorization Packet is a portable PDF and JSON proof artifact showing how a high-stakes AI output was authorized, escalated, or blocked before release. It records the ALLOW, BLOCK, or ESCALATE decision, evidence, reasons, uncertainty, semantic projection, execution-boundary trace, no-bind status, route maturity, human-review routing, audit hashes, and improvement signals.
State-transition governance asks whether a proposed AI change is authorized, traceable, and safe to commit. The proposal may be an LLM output, tool call, memory write, ontology update, policy mapping, training signal, or multi-agent handoff. Current production route enforcement for tool calls, memory writes, and handoffs requires customer-specific integration evidence.
Not at the same production-enforcement level as governed LLM output release. The Decision API and JSON contract are designed to support these use cases through customer-specific integration. Production evidence requires real downstream routes, token checks, bypass-attempt logs, replay, and outcome closure.
Ontology-grounded objects, relationships, rules, clause hits, domain scope, evidence, and symbolic traces connect AI proposals to enterprise reality. This semantic layer helps OntoGuard explain why a proposed AI movement was allowed, blocked, or escalated.
The packet still exports. OntoGuard routes uncertainty to SAFE_TEMPLATE or HUMAN_REVIEW, records reason codes, preserves audit hashes, flags coverage gaps, and avoids silently blank evidence or failed artifacts.
No internal documents or production deployment required. OntoGuard will map risk, review burden, autonomy readiness, and selected proof-packet candidates.
For deeper diligence, we can provide NDA terms, private packet artifacts, integration materials, and technical briefings.
Email mark.starobinsky@ontoguard.ai for pilots, licensing, partnerships, or NDA access.