Why governance

Why Atested matters

AI agents execute actions. That's what makes them useful. They write files, run commands, make network requests, modify configurations, install packages, and interact with external services. These actions are proposed by a language model and executed by the agent or application at runtime with whatever permissions are assigned.

AI Models hallucinate

Language models generate statistically plausible completions. A completion can be confidently wrong. Atested's classifier requires inspectable parameters for every action: a file path, a URL, a recognizable command. An operation with no verifiable evidence in its parameters gets a Tier 3 or Tier 4 classification and is denied by default. Operations that lack inspectable evidence (such as deleting a directory tree through an opaque script) are denied before the agent can execute them.

What goes wrong without Atested

A single wrong operation can be irreversible

The AI deletes files, force-pushes, makes database modifications, writes scripts. When the reasoning was wrong, you are left only with the results. Without a governance record, diagnosing which decision led to the outcome requires reconstructing reasoning from outputs alone. The decision itself was not recorded. With Atested, errors in reasoning (flawed evidence, missing parameters) are prevented at the proposal stage. When something does get through, the chain provides a tamper-evident record of every decision that preceded the action.

Atested adds what you are missing

Atested checks the AI's work. Atested can't check whether what the AI proposes is right or true. No one can. It's impossible to know. We can check whether the AI is making a fundamental error in its reasoning. It is very much like requiring the AI to show its work before allowing it to proceed. The 'answer' that is the ultimate result of the AI's work we can't say is 'right' but we can make sure that at the proposal stage everything necessary for it to be 'right' was present and accounted for.

Deterministic verification over judgment

Atested's policy evaluation is deterministic. Given the same operation and the same policy rules, the evaluator produces the same decision every time. There is no judgment in the policy path. The evaluator matches evidence against rules. The rules are declarative JSON you can read (and they are published on this website). The tradeoff is that some operations are opaque to Atested. A Bash command that runs a Python script, for example. Atested can see the command string but not the script's behavior. Atested classifies these as Tier 3 and denies them by default. You can approve specific opaque operations through the dashboard after reviewing the evidence.