Agentic Control Plane

Understand and control your agents down to each action they take.

See, control, and price every model and tool call — across every agent framework you run. Free for individuals.

activity · acme-corp · live LIVE
Allowed
98.4%
Denied · 24h
214
PII redacted
42
Chains · live
47
Every call, streaming as agents run — identity, decision, cost, and latency on each row. Filter by decision; click a row to expand it.
cost · logs · policy — on every tool call
or book 30 minutes — I’ll wire it into your agent with you, live.
agent tool calls controlled to date · metered, not estimated ·  AgentGovBench 45/48 vs 13/48 native →
No code changes Works with your existing AI clients and frameworks One hook Uninstall anytime
See the console with real agent data — a screen-by-screen tour →
/ is this you?

You shipped an agent. Now it's a black box.

The day an agent hits production is the day you find out you can't see — or stop — what it's doing. If any of these is you:

The bill is a mystery

Same task, wildly different cost — and you find out from the invoice, not the run.

It touches risky data

It reads your .env, pulls customer PII, pipes secrets straight into a prompt — and you can't see what left the building.

Many agents, no single control panel

Every team ships in a different framework — and there's no one place to see or control them all.

/ cost

See exactly where your agents are costing you.

Cost doesn't live in your tools — pure API and database calls are effectively free. It lives in model calls, and most of those are the orchestration loop re-reading its growing transcript to decide what to do next. ACP splits every run into the loop vs the leaf sub-tasks — so you can see the real driver and move the cheap, bounded work to a cheaper model.

  • Loop vs leaf on every run — the orchestration loop is usually most of the bill
  • Loop tax: the share of tokens spent just re-reading context
  • Budget caps that halt the run, deterministically — not just a warning
  • Prices subscription traffic too — your Claude Code Max session, shown at API rates, billed to you exactly as before
What is tool call economics? →
cost X-ray · one runResearch Bot
Where the tokens went
Where the money went
Per-step breakdown
/ policy

Control what your agents can do.

Autonomous agents act without you watching. One bad tool call drops the table, emails the customer, leaks the key. ACP enforces your rules on every call — deterministically, before it runs: allow the safe ones, block the dangerous ones, redact what shouldn't leave.

  • Default-deny on destructive tools — fs.delete, shell.exec
  • Redact PII & secrets automatically, in and out
  • Real identity carried through every delegation hop
What our unattended agents can't do — and why →
policies · acme-corp enforce
fs.delete · shell.exec background tierDENY
slack.postMessage scan outputREDACT PII
http.post → private IPsDENY · SSRF
stripe.refund over $100NEEDS APPROVAL
github.pr.* PR ReviewerALLOW
* defaultALLOW + log
most-restrictive-wins · enforced on every call, deterministically
/ tool surface

Your agent walked in holding 76 tools.

Every request a coding agent makes declares its full tool catalog — the model can't call what it can't see. A real Claude Code session declares 76 tools: the coding loop, yes — and tools that send messages, publish public web pages, schedule their own future runs, and drive your logged-in browser. Most were never invoked. All of them are standing open.

ACP captures the declared surface on the agent's first call — before anything runs — and turns it into a control table: every tool a click to allow, flag, or deny. When the surface drifts mid-session (we've watched one gain 21 tools in an afternoon), you hear about it.

  • The full catalog, visible before first invocation
  • One click per tool: allow · flag · deny · ask
  • Drift detection — know when the surface grows
The Tool Surface Index — Claude Code, Codex, live captures →
tool surface · claude-code · 76 declared 64 never invoked
Bash · Edit · Read the coding loop · invokedALLOW
WebFetch · WebSearch network readFLAG
Artifact publishes public pages · never invokedDENY
CronCreate · ScheduleWakeup schedules itselfDENY
browser control 21 tools · acts as youASK
captured from the agent's own requests · governed before first use
/ get started

Your first audit row in thirty seconds.

A coding agent in your IDE, a CrewAI pipeline, a LangGraph service, the OpenAI SDK in a script — pick the method that fits your stack. One install, no code changes, and every tool call is controlled. Free for individuals.

How to install
# Hook · Claude Code · Cursor · Codex · Hermes — no code changes
$curl -sf https://agenticcontrolplane.com/install.sh | bash
    detected runtime · wrote governance hook
# now just run your agent — every tool call is intercepted:
$ claude "refactor the auth module"
    fs.write app/auth.ts   ALLOW · logged · $0.04
    shell.exec rm -rf /  DENY · policy

One install per stack — the same control plane behind all of them. See every integration →

Open core, hosted control plane. The enforcement modules are six MIT-licensed npm packages you can read and self-host — the hosted control plane is how you run them in production.

/ pricing

Free to start — 10,000 governed calls a month.

Every feature works on the free tier. You pay when you outgrow the limits — or when the whole team needs in. Never per seat.

Free
For getting your agents under control
$0/ mo
  • See, control & price every call
  • 10,000 calls / month (tool + model)
  • Unlimited agents & seats
  • Full audit, cost & policy
  • 30-day audit retention
Start free →
For teams
Team
For a team running many agents
$299.99/ mo flat
  • Everything in Pro
  • 1,000,000 calls / month · $0.20 per 1K after
  • Roles & org-wide cost rollup
  • Unlimited seats — flat price
  • 1-year audit retention
See ACP for teams →

See full pricing details, FAQ, and examples at /pricing →

Go deeper: why agents make chains of calls  ·  the delegation-chain spec  ·  how our logs caught an agent quietly getting worse

Control every tool call your agents make.

Free to start — 10,000 governed calls a month, no credit card. See your first controlled tool call in about thirty seconds.

Rolling agents out across a team? See ACP for teams →

Or book 30 minutes — I’ll wire it into your agent with you, live.
David Crowe, founder

ACP audit console: a live feed of governed tool calls with allow / redact / block decisions, tokens used, and metered cost.