FAQ

Veto is runtime authorization for AI agents. It checks a proposed tool call before execution, returns allow, deny, or require_approval, and can keep a decision record for governed actions.

No. Authentication tells you who the user, agent, or service is. Veto decides what that authenticated actor may do with a specific tool, argument set, tenant, and policy at this moment.

Those systems are still needed. They decide broad access. Veto adds the missing tool-call check: should this refund, export, write, transfer, or message run right now with these exact arguments?

Neither. The open-source SDK wraps the tools your agent already calls, so policy can evaluate in-process before the real action executes. The cloud adds approvals, retention, dashboard workflows, and reporting.

The critical enforcement path can run locally from cached policy. Cloud-only workflows such as dashboard views, team approvals, and long-term retention degrade according to the rollout you configure.

Deterministic policy checks are designed to be small compared with an LLM tool-call round trip. The important choice is where the check runs: keep hard policy on the local path and reserve network workflows for review and records.

Blocked actions never reach the tool. Review-required actions pause until the configured reviewer approves or denies them. The agent gets a clear verdict and the decision can be recorded for later inspection.

Veto wraps tools, not frameworks. If your agent calls tools, Veto can usually govern the tool path across OpenAI, Anthropic, Gemini, Vercel AI SDK, LangChain, MCP, browser agents, TypeScript, and Python paths.

If/else checks work until each agent, tenant, workflow, and risk threshold gets its own branch. Veto centralizes policy, review paths, and records so the control survives beyond the first demo.

Yes. Start with one risky workflow, run in shadow mode or a staging path, replay expected calls, and compare allow, deny, and require_approval outcomes before enforcement moves into production.

The SDK and policy engine are Apache-2.0. You can inspect them, fork them, and run local enforcement. Paid cloud plans add team operations around that core: approvals, analytics, retention, exports, and support.

Veto provides operational evidence: policy enforcement, approval records, and decision logs for governed actions. That can support SOC 2, HIPAA, EU AI Act, security review, and incident response work, but it does not replace counsel or a full compliance program.

Start with one action a buyer, reviewer, or operator will ask about: a refund, payout, PHI message, case update, export, deployment, or MCP tool call. Govern that action first, then expand from the record.

Use tenant-aware policy. The same SDK path can evaluate different rules by customer, workspace, environment, or workflow. Paid tiers meter governed decisions rather than seats or end users.