Canopy

Governance for autonomous agents.

One-stroke bridge illustration

Governance before agents act.
Evidence when they don't obey.
Trust when they coordinate.

What

A deterministic, auditable pre-execution governance layer for autonomous agents. Keeps agents inside the rules. Leaves a tamper-evident trail when they go off-script.

ALLOW DENY REQUIRE_APPROVAL
Install
pip install canopy-runtime

from canopy import authorize_action

result = authorize_action(
    agent_ctx={"public_key": "pk-001"},
    action_type="execute_shell",
    action_payload={"command": "rm -rf /"},
)
# → DENY
Pipeline

Constitution  — 3 immutable laws
Civil Code    — 10 configurable titles
Firewall      — pattern matching
Policy YAML   — your rules
Audit trail   — hash-chained + AVID

Constitution
Art. 0 No catastrophic risk — immutable, no override
Art. 1 Protect human life and dignity
Art. 7 Sovereign kill switch
Forensics

Every decision records an authorization_id, avid, trace_id, and policy_snapshot. Reconstruct any incident — or prove it never happened.

canopy-incident --trace <id> audit.log

Adapters

LangChain  ·  LangGraph  ·  CrewAI
AutoGen  ·  OpenAI Agents SDK  ·  OpenClaw

Toolkit

canopy-quickstart    canopy-console
canopy-inspect      canopy-policy-pack
canopy-incident     canopy-verify
canopy-report       canopy-lint-policy

Roadmap
v0.5
Approval workflows, audit sinks, policy test runner
v0.6
LLM judge, anomaly detection
v1.0
Agent-to-agent protocol, distributed trust, AVID passports
v2.0+
Multi-agent networks, reputation systems, Canopy Cloud
Links
Quickstart GitHub PyPI Manifesto
"Real autonomy in exchange for responsible witness."
Canopy Constitution, Preamble