Cannot execute commands remotely
The hosted service, dashboard, and phone app cannot run commands on your machine.
Security model
Least-permission approval routing, not remote control.
Agent Tick routes bounded Status Updates, Steering, and Sanctions. Execution stays in your local agent environment.
Cannot send arbitrary remote prompts
Agent Tick returns only the choices or response shape supplied by the original local agent request.
Cannot bypass local execution
An approved Sanction only lets the local agent continue the action it already requested.
Minimal push by default
Hosted push notifications say Agent Tick needs attention. Request details open inside the Native App.
Separate credentials
Agents use revocable Agent Connections. Humans authenticate separately; lost devices can be revoked.
Inspect or self-host
The service is source-available under BSL and self-hostable for internal use.
Bounded loop
Local agent asks Agent Tick routes Human chooses Bounded response Local agent continues or stops