Launch Post

Why we built Veto

Published February 26, 2026

Agent capabilities accelerated faster than agent authorization. Teams can now wire models to shell access, browsers, APIs, and internal systems, but they still rely on prompts as the primary safety mechanism. Prompts do not enforce anything. Veto does.

The problem

Existing agent stacks are strong on orchestration and tool integration, but weak on deterministic control. In production, this leaves teams choosing between two bad options: slow down automation or accept unsafe behavior.

Veto is the authorization layer between agent intent and tool execution. Every tool call gets validated before side effects happen.

How Veto differs

  • Deterministic and LLM policy modes in the same runtime.
  • Local-first SDK for low-latency guardrails and portable workflows.
  • Human-in-the-loop approvals for high-risk actions.
  • Managed and self-hosted MCP gateway support.
  • Headless CLI commands for CI and coding agents.

Direct usage paths

Interactive Studio

npx veto-cli@latest
npx veto-cli@latest cloud login

Headless workflows for agents/CI

npx veto-cli@latest policy generate --tool approve_invoice --prompt "do not approve invoices above 50 dollars" --save ./veto/rules/approve-invoice.yaml --json
npx veto-cli@latest policy apply --file ./veto/rules/approve-invoice.yaml --target cloud --json
echo '{"amount":120}' | npx veto-cli@latest guard check --tool approve_invoice --mode local --json

MCP gateway

npx veto-cli@latest mcp init
npx veto-cli@latest mcp doctor --json
npx veto-cli@latest mcp serve --config ./veto/mcp.config.yaml

Launch outreach checklist

  • [ ] Post launch thread on X with repo and docs links.
  • [ ] Submit launch post to Hacker News with technical summary.
  • [ ] Share in relevant Discord/Slack communities (agents, MCP, infra).
  • [ ] Ask early adopters to star github.com/PlawIO/veto.
  • [ ] Capture early feedback and open follow-up issues in Linear.

Post-launch operations

Run deployment validation, incident checks, and rollback readiness with the operations guide:

Open post-launch runbook
Star us on GitHubRead docs