Tenet docs

Tenet sits between your AI agent and the services it calls: the verified catalog covers Anthropic, GitHub, Stripe, and Notion (more connectors are in verification), with credentials you connect on the Protections page. Every tool call goes through tenet.execute(). We enforce policies, mediate credentials, and log the result. Every service you connect starts locked — nothing runs until you approve it.

You ship faster because the protections you'd otherwise have to build yourself (cost caps, approval queues, hash-chained audit) are already there.

What's here

  • Quickstart: five-minute walkthrough from signup to your first governed tool call.
  • tenet.execute() reference: the one function you'll call most.
  • Protections: everything Tenet enforces — trust levels, overrides, and the built-in safeguards.
  • Cost cap: configurable USD budget per agent.
  • Approvals: what triggers human review and how to clear the queue.
  • Audit log: what we record and how the hash chain works.

How Tenet works in one paragraph

When your agent calls a tool, say github.repos.delete, your code calls tenet.execute({ service: "github", toolCall: ... }) instead of calling GitHub directly. The Tenet API receives the request, evaluates it against your trust settings and active policies (service trust level, per-function overrides, cost, risk tier), and decides: ALLOW (the call proceeds with credentials we inject), ESCALATE (the call pauses and a human gets a review notification), or BLOCK (the call refuses, no side effects). Every decision lands in a hash-chained audit log.

You don't store API keys for downstream services in your agent code. Tenet does that.

What Tenet is not

  • Not a model provider. We don't host LLMs.
  • Not a workflow builder. Bring your own agent code; we wrap the tool calls.
  • Not a vector store. Retrieval is out of scope.
  • Not a credential manager for human users. We mediate agent→service credentials, not user→service.

Get started

If you have an agent that makes tool calls already, the quickstart takes about five minutes. If you're starting from scratch, sign up free — the getting-started panel can fire three sample decisions (one allowed, one escalated, one blocked) so you can see what governed tool calls look like before writing any code.