FIRST OPEN-SOURCE CONTROL PLANE  ·  L6 SELF-IMPROVING  ·  14 MCP TOOLS  ·  v0.10.0

The Control Plane
that governs AI agents.

First open-source control plane with a 5-stage Verified Autonomy Pipeline.
Every action verified. Every decision audited. Your infrastructure.

5-minute quickstart. Curated catalog (15+ certified). Zero lock-in.

Bring your own LLM key — encrypted at rest (AES-256-GCM). We never store plaintext.

Governed by default — every action passes through 5 policy gates before execution.

Your data stays yours — on-prem or your cloud. Zero telemetry. Full audit trail.

TERMINAL
$ pip install -e ".[dev]" && occp demo
Start Onboarding → Dashboard ★ View on GitHub
Verified Autonomy Pipeline

Five stages. Zero surprises.

Every agent action traverses the Verified Autonomy Pipeline before touching your system. No shortcuts, no overrides, no exceptions.

01
Plan
LLM generates structured action plan with dependencies and risk assessment.
02
Gate
Policy engine validates against rules: PII guard, injection defense, custom policies.
03
Execute
Verified actions execute with full observability and circuit breaker protection.
04
Validate
Output sanitization and result verification against expected schema and constraints.
05
Ship
Audited result delivered with SHA-256 chained provenance and full trace.
Capabilities

Built for production-grade
agent governance.

Not just a wrapper. A complete governance layer with policy enforcement, observability, and failover — built for teams that can't afford incidents.

Reliability

Multi-LLM Failover

Bring Your Own Model — automatic cascade across providers with circuit breaker logic. Never block on a single LLM outage.

Anthropic → OpenAI → Echo circuit-breaker
Security

Policy Engine

PII guard, prompt injection defense, output sanitization, and fully customizable rule sets — all enforced at the gate.

PII guard injection defense custom rules
Core

Verified Autonomy Pipeline

Runs on Your Machine — 5-stage pipeline ensures every agent action is planned, gated, executed, validated, and shipped — with no bypass.

5 stages no bypass full trace
Compliance

Tamper-Proof Audit

Full Observability — SHA-256 chained audit log with full provenance. Every decision, every output — immutably recorded for compliance.

SHA-256 chained log provenance
Enterprise

Enterprise Auth

JWT authentication, role-based access control, and EU AI Act aligned controls (Art. 12, 14, 19) — ready for enterprise procurement. Not legal advice; verify compliance for your deployment.

JWT RBAC EU AI Act
Isolation

Sandbox Isolation

Code execution in nsjail, bubblewrap, or process-level sandboxes. Auto-detected at startup based on available binaries and kernel capabilities.

nsjail bubblewrap auto-fallback
v0.10.0

14 MCP Runtime Tools

Server-side tool dispatch: WordPress REST API, SSH node execution, filesystem sandbox, HTTP client. Brain controls 4 infrastructure nodes via SSH.

WordPress API SSH nodes runtime bridge
v0.10.0

Kill Switch & AutoDev

Hard-stop with state capture, E2E drill tested. Safe self-improvement pipeline: propose → sandbox → verify → approve → merge with git worktree isolation.

session scope skills tool policies
EU-ready

EU AI Act aligned by design.

OCCP supports EU AI Act requirements: record-keeping (Art. 12), human oversight (Art. 14), audit trails, and log retention (Art. 19). Not legal advice; verify compliance for your deployment.

5-Minute Quick Start

Governance in
three lines of code.

Drop OCCP into any Python async stack. The pipeline handles policy enforcement, failover, and audit logging automatically — you just define the task.

  • Zero-config policy defaults with sensible security baselines
  • Async-native, designed for high-throughput agent workloads
  • Every result includes full provenance chain
  • Plug-and-play with any LLM provider
example.py python 
from occp import Pipeline, PolicyEngine
from occp.planners import ClaudePlanner

# Initialize with policy enforcement
pipeline = Pipeline(
    planner=ClaudePlanner(api_key="..."),
    policy_engine=PolicyEngine(
        pii_guard=True,
        injection_defense=True,
    ),
)

# Run task through the Verified Autonomy Pipeline
result = await pipeline.run(task)

# Every step: verified, logged, auditable
print(result.audit_chain)    # SHA-256 provenance
print(result.policy_report)  # Gate decisions

[SYSTEM STATUS]

328
Tests Passing
5
Pipeline Stages
4
Security Guards
100%
Audit Coverage
Open Source

Built for developers who need
governance, not just speed.

OCCP core is MIT-licensed and free forever. The full Verified Autonomy Pipeline, policy engine, audit logging, and multi-LLM failover are open source. llms.txt is available at occp.ai/llms.txt for AI discoverability. Enterprise Edition adds SSO, advanced analytics, SLA-backed support, and on-premise deployment.

MIT License Free Core Forever ★ Enterprise Edition v0.10.0 L6 14 MCP Tools · 8 Agents
★ Star on GitHub Read the Docs →
Enterprise Edition Features
SSO / SAML 2.0
Advanced analytics dashboard
On-premise deployment
SLA-backed support (99.9%)
Custom policy authoring
Dedicated audit export API
Multi-tenant isolation
Priority failover routing
Compliance reporting (SOC2)