██╗ ██╗██╗███████╗███╗ ███╗███╗ ██╗ █████╗ ██████╗ ███████╗
██║ ██║██║██╔════╝████╗ ████║████╗ ██║██╔══██╗ ██╔═══██╗██╔════╝
██║ ██║██║█████╗ ██╔████╔██║██╔██╗ ██║███████║ ██║ ██║███████╗
╚██╗ ██╔╝██║██╔══╝ ██║╚██╔╝██║██║╚██╗██║██╔══██║ ██║ ██║╚════██║
╚████╔╝ ██║███████╗██║ ╚═╝ ██║██║ ╚████║██║ ██║ ╚██████╔╝███████║
╚═══╝ ╚═╝╚══════╝╚═╝ ╚═╝╚═╝ ╚═══╝╚═╝ ╚═╝ ╚═════╝ ╚══════╝
The governance layer AI agents answer to.
Vienna OS is the first execution control plane designed specifically for autonomous AI systems. It sits between agent intent and execution, ensuring every action is validated, authorized, and auditable before it happens.
AI agents are increasingly autonomous — managing cloud infrastructure, executing financial trades, controlling IoT devices, and making business decisions. But most agentic systems today operate without meaningful governance:
- 🚨 No pre-execution validation — Agents can cause damage before anyone notices
⚠️ No risk-based authorization — High-stakes actions get the same treatment as low-risk ones- 📝 No verifiable audit trails — When something goes wrong, there's no clear record of what happened or who authorized it
- 🔒 No policy enforcement — Governance rules exist in documentation, not in the execution path
This creates an unacceptable risk profile for production AI systems handling real-world consequences.
Vienna OS changes that.
Vienna OS implements a governance-first architecture that creates a control plane between AI agent intent and actual execution. Every agent action flows through a standardized pipeline:
┌─────────────┐ ┌──────────────┐ ┌─────────────┐ ┌──────────────┐
│ AI Agent │───▶│ Gateway │───▶│ Policy │───▶│ Warrant │
│ (Intent) │ │ (Validation) │ │ (Evaluation)│ │(Authorization)│
└─────────────┘ └──────────────┘ └─────────────┘ └──────────────┘
│
▼
┌─────────────┐ ┌──────────────┐ ┌─────────────┐ ┌──────────────┐
│ Audit Trail │◀───│ Executor │◀───│ Verification│◀───│ Risk Assessment│
│ (Evidence) │ │ (Execution) │ │ (Attestation)│ │ (Tier T0-T3) │
└─────────────┘ └──────────────┘ └─────────────┘ └──────────────┘
Instead of agents executing actions directly, they submit intents to Vienna OS, which:
- Validates the request structure and source
- Evaluates it against policy rules
- Classifies risk tier and approval requirements
- Issues warrants for approved high-risk actions
- Executes through controlled adapters
- Verifies completion and generates audit evidence
- Maintains cryptographic proof of governance
Time-limited, scoped execution tokens using HMAC-SHA256 signatures that bind together:
- Current system state preconditions
- Specific execution plan
- Authorized operator approval
- Rollback procedures
| Tier | Risk Level | Approval Process | Examples |
|---|---|---|---|
| T0 | Minimal | Auto-approve | Health checks, read operations |
| T1 | Moderate | Single operator approval | Deployment, config changes |
| T2 | High | Multi-party approval + MFA | Financial transactions, data deletion |
| T3 | Critical | Board-level approval | Major infrastructure changes |
Visual policy builder with 11 operators (==, !=, >, <, contains, etc.) for creating governance rules without code deployment:
IF action == "wire_transfer"
AND payload.amount > $50000
THEN require_approval tier=T2
AND notify channels=[compliance, cfo]
AND require_mfa=trueServer-sent events for live monitoring of all agent activities, policy matches, and approval workflows
Row-level security with tenant isolation, supporting multiple organizations on a single Vienna OS instance
Native language bindings for seamless integration:
// TypeScript
import { ViennaClient } from '@vienna-os/sdk';
const vienna = new ViennaClient({ endpoint: 'https://vienna.company.com' });
await vienna.submitIntent('deploy_service', { service: 'api', version: '1.2.3' });# Python
from vienna_os import ViennaClient
vienna = ViennaClient(endpoint='https://vienna.company.com')
await vienna.submit_intent('deploy_service', {'service': 'api', 'version': '1.2.3'})Pre-built integrations for popular agent frameworks:
- OpenClaw — Governance middleware for agent skills
- LangChain — Custom tool wrapper with Vienna validation
- CrewAI — Crew-level approval workflows
- AutoGen — Multi-agent conversation governance
Built-in compliance reporting and audit trail generation for security certifications
Core governance algorithms protected under Patent Application #64/018,152
┌─────────────────────────────────────────┐
│ VIENNA OS │
└─────────────────────────────────────────┘
│
▼
┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐
│ Agent │────▶ │ Gateway │────▶ │ Policy │────▶ │ Risk │
│ Intent │ │ Validation │ │ Engine │ │ Tier │
└─────────────┘ └─────────────┘ └─────────────┘ └─────────────┘
│ │ │ │
│ ▼ ▼ ▼
┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐
│ Audit Trail │◀──── │ Warrant │◀──── │ Executor │◀──── │Verification │
│ Evidence │ │ Generation │ │ (Adapters) │ │ & Attestation│
└─────────────┘ └─────────────┘ └─────────────┘ └─────────────┘
Flow:
- Agent submits execution intent
- Gateway validates schema and source identity
- Policy Engine evaluates against governance rules
- Risk Tier classification determines approval requirements
- Warrant issued for T1-T3 actions (T0 auto-approved)
- Executor runs action through secure adapters
- Verification generates cryptographic execution proof
- Audit Trail maintains immutable evidence chain
Option A: Live Demo (No Setup Required)
# Try the interactive quickstart example (no API keys needed)
git clone https://github.com/risk-ai/regulator.ai.git
cd regulator.ai/examples/5-minute-quickstart
npm install && node index.jsOption B: Local Setup
- Clone and Install
git clone https://github.com/risk-ai/regulator.ai.git
cd regulator.ai
npm install- Configure Environment
cp .env.example .env
# Edit .env and add your ANTHROPIC_API_KEY (get one at https://console.anthropic.com/)- Start Local Instance
npm run dev
# ✅ Vienna OS running at http://localhost:3100
# ✅ Console available at http://localhost:5173- Test with SDK
import { ViennaClient } from '@vienna-os/sdk';
const vienna = new ViennaClient({
baseUrl: 'http://localhost:3100'
});
// Submit a simple intent
const result = await vienna.submitIntent({
agent_id: 'my-first-agent',
action: 'health_check',
payload: { service: 'api' }
});
console.log('Result:', result.pipeline); // "executed" (T0 auto-approved)- Getting Started Guide — Complete developer onboarding (30 min)
- 5-Minute Quickstart — Build your first governed agent
- Example Apps — Production-ready examples with full READMEs
- TypeScript SDK — Complete TypeScript API reference
- Python SDK — Python client library
- Console — Visual management interface (when running locally)
// skills/deploy/SKILL.md implementation
import { withVienna } from '@vienna-os/openclaw';
export default withVienna({
riskTier: 'T1',
approvers: ['devops-team'],
rollback: 'automatic'
})(async function deployService({ service, version }) {
// Deployment logic runs only after Vienna approval
await kubectl.apply(`deployment/${service}:${version}`);
return { status: 'deployed', endpoint: await getServiceEndpoint(service) };
});from langchain.tools import BaseTool
from vienna_os.langchain import ViennaTool
class DeploymentTool(ViennaTool):
name = "deploy_service"
description = "Deploy a service to production"
risk_tier = "T1"
def _run(self, service: str, version: str) -> str:
# This only runs after Vienna governance approval
result = deploy_to_k8s(service, version)
return f"Deployed {service}:{version} successfully"from crewai import Agent, Task, Crew
from vienna_os.crewai import ViennaGoverned
# Vienna governance applies to entire crew execution
@ViennaGoverned(risk_tier='T2', require_unanimous=True)
class TradingCrew(Crew):
def __init__(self):
self.market_analyst = Agent(role='Market Analyst')
self.trader = Agent(role='Trader')
self.risk_manager = Agent(role='Risk Manager')
def execute_trade(self, symbol, quantity, max_price):
# Crew collaboration runs only after governance approval
analysis = self.market_analyst.analyze(symbol)
decision = self.trader.decide(analysis, quantity, max_price)
return self.risk_manager.validate_and_execute(decision)| Tier | Auto-Approve | Human Approval | Multi-Party | MFA Required | Examples |
|---|---|---|---|---|---|
| T0 | ✅ Yes | ❌ No | ❌ No | ❌ No | Health checks, metrics, read-only ops |
| T1 | ❌ No | ✅ Single operator | ❌ No | ❌ No | Deployments, config updates, restarts |
| T2 | ❌ No | ❌ No | ✅ 2+ approvers | ✅ Yes | Financial transactions, data deletion |
| T3 | ❌ No | ❌ No | ✅ Board-level | ✅ Yes | Infrastructure changes, major contracts |
Approval Escalation:
- T1: Slack notification → Single click approval
- T2: Multi-channel notification → 2+ approvers → MFA challenge
- T3: Executive notification → Board meeting → Formal resolution
Automatic Timeouts:
- T1: 4 hours (escalates to T2)
- T2: 24 hours (escalates to T3)
- T3: 72 hours (auto-deny)
- 📚 Getting Started — Complete developer onboarding guide
- 🚀 Try Live Demo — Zero-setup governance demo
- 📖 Documentation — Architecture, API reference, deployment guides
- 💬 Discord — Community support and discussions
- 📝 Examples — Production-ready agent implementations
We welcome contributions from the community! Vienna OS is open-source and built in public.
- Fork the repository
- Clone your fork:
git clone https://github.com/YOUR_USERNAME/regulator.ai.git - Install dependencies:
npm install - Run tests:
npm test - Start development:
npm run dev
- 🔧 Adapters — Integrations with new external systems (AWS, GCP, GitHub, etc.)
- 🛠️ SDK Languages — Go, Rust, Java client libraries
- 🤖 Framework Integrations — Support for more agent frameworks
- 📊 Policy Templates — Pre-built governance rules for common scenarios
- 📖 Documentation — Guides, tutorials, and API improvements
- 🧪 Testing — Expand test coverage and add integration tests
- TypeScript for all new backend code
- React + TypeScript for frontend components
- ESLint + Prettier for consistent formatting
- Jest for unit testing
- Conventional Commits for commit messages
- Create a feature branch from
main - Make your changes with tests
- Update documentation as needed
- Run
npm run lint:fixandnpm test - Submit PR with clear description
- Respond to code review feedback
- Merge after approval + CI passing
All contributors must agree to our Contributor License Agreement.
Business Source License 1.1 (BUSL-1.1)
Vienna OS is source-available under the Business Source License 1.1.
- Free for evaluation, testing, and development — use it, learn from it, build with it
- Production use requires a commercial license — contact admin@ai.ventures
- Converts to Apache 2.0 on March 28, 2030 — full open source after 4 years
This protects our work while keeping the code transparent and inspectable. See LICENSE for full terms.
Copyright 2024-2026 Technetwork 2 LLC dba ai.ventures
Licensed under the Business Source License 1.1
Change Date: 2030-03-28 | Change License: Apache 2.0
🤖 ai.ventures × ⚖️ Cornell Law
Vienna OS is developed by ai.ventures in partnership with Cornell Law School's AI Policy Institute.
Combining Silicon Valley's execution speed with Ivy League legal rigor.
Govern your agents. Ship with confidence.