Gait — Signed Proof and Fail-Closed Control for Production AI Agent Tool Calls

Overview

Use Gait when an AI agent can cause real side effects and you need deterministic control plus portable proof.

Gait is not an agent framework, not a model host, and not a dashboard. It is an offline-first Go CLI that sits at the tool boundary.

Capture every prod agent tool call as a signed, offline-verifiable pack. Enforce fail-closed policy before high-risk actions execute. Turn incidents into CI regressions in one command.

Docs: clyra-ai.github.io/gait | Install: docs/install.md | Homebrew: docs/homebrew.md

Managed/preloaded agent note: managed agents can use Gait at the tool boundary, but Gait does not host the model or replace your agent runtime.

Integration First (New or Existing Agent Flows)

The integration contract is simple:

1. normalize a tool call into intent
2. call Gait for a verdict
3. execute real side effects only on allow
4. keep the signed trace/artifact

def dispatch_tool(tool_call):
    decision = gait_evaluate(tool_call)
    if decision["verdict"] != "allow":
        return {"executed": False, "verdict": decision["verdict"]}
    return {"executed": True, "result": execute_real_tool(tool_call)}

Pick the adoption lane that matches your stack:

• Inline runtime wrapper (any language): call gait gate eval in your dispatcher before tool execution.
• MCP sidecar/transport lane: gait mcp proxy (one-shot) or gait mcp serve (long-running) at the boundary.
• Python SDK lane: use sdk/python/gait for ergonomics; it is intentionally a thin subprocess wrapper over the local Go gait binary.

If you do not want Python subprocess boundaries, call gait directly from your runtime or use the MCP sidecar path.

Start here:

• Blessed lane: examples/integrations/openai_agents/
• Quickstart script: examples/integrations/openai_agents/quickstart.py
• Integration boundary guide: docs/agent_integration_boundary.md
• Integration checklist: docs/integration_checklist.md
• MCP capability matrix: docs/mcp_capability_matrix.md
• Python SDK contract: docs/sdk/python.md

When To Use Gait

• Tool-calling AI agents need enforceable allow/block/approval decisions.
• You need signed, portable evidence artifacts for PRs, incidents, or audits.
• You want offline, deterministic regressions that fail CI with stable exit behavior.
• You run multi-step jobs and need checkpoints, pause/resume/cancel, and inspectable state.

When Not To Use Gait

• No local Gait CLI or Gait artifacts are available in the execution path.
• Your workflow only needs prompt orchestration without tool-side effects or evidence contracts.
• You only need hosted observability dashboards and do not need offline verification or deterministic replay.

Try It (Offline, .gait/config.yaml Verify integrity offline

gait verify chain|session-chain Multi-artifact chain verification gait job submit|status|checkpoint|pause|resume Durable job lifecycle gait job stop|approve|cancel|inspect Emergency stop, approval, and inspection gait pack build|verify|inspect|diff|export Unified pack operations + OTEL/Postgres sinks gait regress init|bootstrap|run Incident → CI gate gait gate eval Policy enforcement + signed trace gait approve-script Mint signed approved-script registry entries gait approve Mint signed approval tokens gait list-scripts Inspect approved-script registry status gait delegate mint|verify Delegation token lifecycle gait report top Rank highest-risk actions gait voice token mint|verify Voice commitment gating gait voice pack build|verify|inspect|diff Voice callpack operations gait run record|inspect|replay|diff|receipt Run recording and replay gait run session start|append|status|checkpoint|compact Session journaling gait run reduce Reduce runpack by predicate gait mcp proxy|bridge|serve MCP transport adapters gait gateway ingest Ingest MCP gateway logs into signed policy-enforcement proof records gait policy init|validate|fmt|simulate|test Policy authoring gait doctor [--production-readiness] [adoption] Diagnostics + readiness gait keys init|rotate|verify Signing key lifecycle gait scout snapshot|diff|signal Drift and adoption signals gait guard pack|verify|retain|encrypt|decrypt Evidence and encryption gait trace verify Verify signed trace integrity gait incident pack Build incident evidence pack gait registry install|list|verify Signed skill-pack registry gait migrate Migrate legacy artifacts to v1 gait ui Local playground gait version Print version

All commands support `--json`. Most support `--explain`.

## Feedback

Issues: [github.com/Clyra-AI/gait/issues](https://github.com/Clyra-AI/gait/issues) | Security: [`SECURITY.md`](SECURITY.md) | Contributing: [`CONTRIBUTING.md`](CONTRIBUTING.md) | Code of conduct: [`CODE_OF_CONDUCT.md`](CODE_OF_CONDUCT.md)