Blog

On governing and proving what agents do.

June 24, 2026

The agentic web has no evidence layer

We're building careful ways for agents to discover tools, call them, and prove who they are. We've built almost nothing to prove what they actually did. That missing layer is where trust between agents will either hold or break.

June 22, 2026

Introducing capabilities.txt: a discovery standard for the agentic web

Agents can find what to read (llms.txt) and respect what to crawl (robots.txt). There's no standard way for a host to advertise what it can do. capabilities.txt is that missing layer.

June 18, 2026

Logs aren't evidence

When an AI agent does something consequential and someone asks what happened, scattered application logs aren't an answer. Here's the difference between a log and evidence — and why it's a protocol problem.

June 16, 2026

Why a protocol, not a feature

Every agent framework will add its own audit log. So why does governing AI actions need an open protocol? Because evidence you can trust has to outlive the system that produced it.

June 11, 2026

Proving why a claim was denied

Insurers are automating approve/deny decisions faster than they can defend them. Denial is a first-class outcome in CHP — which makes 'show me why' a recorded fact, not a reconstruction.

June 6, 2026

The capability boundary: where AI governance actually happens

You can't govern an AI agent by watching the model. Governance happens at the capability boundary — the moment an action crosses from intent into effect. Here's why that line is the right place to stand.

June 1, 2026

Chain of custody for AI-assisted review

When AI reads, summarizes, and flags documents in legal review, the work product is only as defensible as its provenance. CHP's evidence is hash-chained — which is, almost literally, chain of custody.

May 26, 2026

The security review that stalls your agent

You built the agent. It works. Then a security review asks what it did and whether it was allowed to — and the rollout stops. That gap is where CHP starts, and it's real today.

May 21, 2026

Controls in the contract, not the code review

When AI sits inside trading, credit, and payments decisions, 'demonstrate the controls' is the question that arrives from model risk and regulators. CHP puts the controls in the capability contract — enforced before invocation, not asserted after.

May 16, 2026

Who authorized the AI step?

AI scribes and agents draft notes, summarize charts, and prepare orders — but a clinician stays in command. CHP records the sign-off as a governed approval in the same trace, capturing who-did-what without storing the PHI body.

May 12, 2026

Who commanded the machine?

Work orders, dispatches, and machine commands are increasingly issued by software and agents, not just people. When something goes wrong, the question is who commanded it, whether it was approved, and whether a safety condition was checked.

May 6, 2026

CHP and MCP: discovery, invocation, and evidence

The Model Context Protocol answers 'what can the model call.' CHP answers 'what actually happened, and can I prove it.' They're different layers of the same stack — here's how they fit.

April 30, 2026

Evidence is not telemetry

You already run OpenTelemetry. So why would agent actions need a separate evidence layer? Because telemetry is built to help you understand a system — and evidence is built to be defended. Different jobs, and they compose.