SatGate gives agents bounded economic authority so humans, platforms, and upstream APIs can trust what they consume, spend, and prove.
Humans and platforms set policy. Agents consume approved primitives. Upstreams get receipt-backed proof.
Agents badge in once. Every request - verified, metered, budget-enforced.
See how it worksAgents act across tools, APIs, and paid rails. SatGate enforces policy before they act — and leaves evidence after. 30 seconds.
Free agent governance tools
Start with the flagship tools and benchmark. The full tools hub has the calculators, policy generators, and readiness checks for deeper planning.
Model loop, retry, fanout, and paid tool-call exposure before detection.
Open toolUse original JSON/CSV benchmark data to quantify agent loops, retry storms, and avoidable spend.
Open toolScore identity, budgets, MCP tools, revocation, Evidence Packs, routing, and paid-rail governance.
Open toolStart with internal agents: scope authority, enforce policy at runtime, and preserve evidence. Then open external rails - on your terms.
Always-on for non-PUBLIC routes
Every protected route requires valid credentials (Macaroons). Capabilities, caveats, delegation, and revocation-built into the protocol, not bolted on.
Your Agents - Govern Authority and Spend
verify → allow → meter/log
Start here. No workflow changes. Map authority, tools, and spend before enforcing policy.
verify → enforce budget → allow
Now enforce it. Policy and budget caps stop agents before unauthorized work executes.
Their Agents - Prevent Unauthorized Access
verify → authority proof → Evidence Pack
Govern external agent access without making payment proof equal authorization proof.
API keys are all-or-nothing. Delegated capability tokens let you set any budget, scope, and expiry per agent - and agents can't escalate beyond what they're given. Trust flows down, never up.
PUBLIC is the explicit opt-out for probes (/healthz), docs, and webhooks. Everything else is protected by default.
Agents get a credential at startup - like mounting an EZ Pass. Every request after that flows through the gateway: verified, metered, no slowdowns.
No identity lookups on the hot path. No per-request auth round-trips. Just cryptographic verification at wire speed.
Recent research on intelligent AI delegation points to a control problem we see in practice: agents need bounded authority, clear caveats, and safe ways to delegate across trust boundaries. One proposed path is attenuated capability tokens, including macaroons, that restrict what each sub-agent can access.
SatGate implements one version of that control layer.
Agents only get the permissions they need, attenuated at each delegation layer.
Per-agent and per-route economic policy, enforced before upstream execution.
When limits hit, requests stop. Not after billing. Now.
We built SatGate because standing API keys and after-the-fact alerts are a bad fit for autonomous systems. The research gives useful language for a problem we were already seeing in deployed agent workflows. - Tomasev et al., 2026
Three deployment modes. Drop-in. No rip-and-replace.
REST, GraphQL, any HTTP endpoint
Route only agent traffic through SatGate
Per-tool budgets, delegation trees
Four steps to govern agent traffic. No code changes required.
Define routes with economic policies. PUBLIC for probes/docs, protected for everything else.
routes:
- path: /healthz
policy: public
- path: /v1/*
policy: observe
- path: /premium/*
policy: chargeApply when ready. Version history + policy receipt trail. Rollback if needed.
v3 (applied) ← current v2 (available) v1 (available) Receipt: who, when, diff
Use *.satgate.cloud or your custom domain. Traffic flows through SatGate.
# Your domain api.yoursite.com CNAME → satgate.cloud # Or use ours yourapp.satgate.cloud
Receipts for allowed, denied, paid, delegated, and revoked decisions — ready to export as an Evidence Pack.
Allowed receipts: 1,203 Denied receipts: 12,847 Paid receipts: $847 settled Delegations: 42 Revocations: 9 → Export Evidence Pack
FAQ
SatGate is the Agent Authority & Accountability Layer for governed agent execution. Humans and platforms use it to delegate bounded economic authority to agents, enforce policy and budgets, prove revocation, and preserve evidence across APIs, MCP tools, and paid external calls.
SatGate applies scoped authority, per-agent policy, revocation, and budgets before each request reaches an API or MCP tool, so unauthorized actions and expensive calls can be blocked before they happen.
Humans and platforms define policy, budgets, scope, and delegation depth. Agents consume approved API and MCP primitives through SatGate, and every approval, denial, spend event, delegation, and revocation leaves receipt-backed proof.