CtrlAi
Try free

Company DNA for the AI era

Build the AI tools your company needs.
Composed from your rules and verified components.

Cursor and ChatGPT generate anything you prompt. Ctrl AI composes Apps from signed primitives — your team’s rules plus a library of verified universal components. Every step typed. Every action Ed25519-receipted. Every refusal traceable to a signer.

Start the AI Rules onboarding Watch how it works
Or book a demo
App run · triggered by SlackRefundProcessor@v4
Slack: /refund T-1827 $480
01
FormForm input

ticketId, amount, reason

from Slackuser input
02
Ctrllookup-customer · v2

{ plan: "Enterprise", region: "EU" }

Mike
org-signed
03
Component<Branch> · v1.2

matched: amount > 300 → escalate path

Verified
open-source
04
Ctrlcheck-refund-policy · v3

{ allowed: true, requires: "VP" }

Sarah
org-signed
05
Component<PostSlack> · v1.1

→ #finance-approvals · message queued

Verified
open-source
Sealing… · Receipt #2,841Ed25519 · 5 sub-receipts
247Signed Ctrls18Verified Components89Apps deployed1.2MReceipted runs · 7dBacked by a public transparency log. Auditable forever.
Spec v0.4.1Evidence on every receipt7 Ctrl kindsRBAC-scoped tool surfacePortable to GitHubW3C Verifiable Credential

The primitives

Two signed primitives. One composition.

Your AI composes from two signed libraries.
Ctrls encode rules unique to your company — your team signs them. Verified Components encode universal capabilities — open-source, versioned, audited. Every App uses both.

Ctrlorg-signedapprove-discount@v4
SarahCRO
Input
deal_size_usdnumber
discount_pctnumber
requestor_rolestring
Output
approvedboolean
required_signerstring | null
Rules unique to your company247 in your library
Verifiedopen-source<Branch> · v1.2
Verifiedaudited · versioned
Props
cases{ when, then }[]
elseExecutorPlanStep[]?
Behavior
evaluatesfirst matching when
firesmatched branch body
Universal capabilities every company uses18 in the catalog
Composed into
AppRefundProcessor@v4
composed
Ctrls · 2lookup-customer, check-refund-policy
Verified · 3<Branch>, <PostSlack>, <KpiCard>
Sealing… · Receipt #2,841Ed25519 · 5 sub-receipts

Two signatures on every receipt.
Your team’s authority where the rule lives. A verifiable open-source supply chain where the substrate runs.

Provenance

Click any sentence. See what made it true.

Every factual claim your AI emits binds to the receipt of the Ctrl that produced it — whether the AI answered a question in /ask, ran an App for your team, or fired one autonomously on a schedule. Open the receipt and you see the signers, the post-conditions that passed, and the literal paragraphs the runtime read — signed and hashed alongside.

/ask · synthesis from ⌃ Sales

Q3 ARR is $2.87M against the $4.5M target — a $530K gap. Two deals totaling $415K are flagged at-risk — Acme renewal (champion left) and Brightline (budget freeze).

Recommend doubling down on the two at-risk deals this week and accepting that Q3 lands ~12% under plan.(uncited — synthesis)

Receipt · data_lookup
lookup-crm-pipeline-summary
invocation: inv_lookup_pipeline
verified
Signed by Mark Liu· VP Sales · Sales
Post-conditions
  • non-negative-arr
  • currency-usd
Evidence the runtime consulted
Source [1] · data_lookup
Salesforce · Q3 2026 Pipeline view

Total Q3 closed: $2,870,000. Target: $4,500,000. Gap: $530,000 (12% behind plan).

sha256: f1d2…a6e3
Ed25519 · spec v0.4.1 2026-05-18 12:00:08Z
This is what your auditor sees.Public verifier

The drawer your auditor opens is the drawer your team opens.
No separate compliance product. The receipt is the audit trail.

The library

Your company’s brain. It grows every day.

Every doc you upload, every rule your expert signs — a new Ctrl, bound to a real human in a real department.
Every AI surface in your company gets smarter together. Green pulses are invocations happening right now.

+12signed · this week1.2Minvocations · 7d0audit failures
Signed Ctrls269
SalesSarah Chen
47
Customer SuccessMarcus Webb
52
EngineeringYuki Tanaka
48
FinanceJia Park
38
LegalAlex Rivera
19
MarketingPriya Reddy
23
PeopleTom Kowalski
14
OperationsLena Mueller
28
Verified

Composed with 19 verified universal components

open-source · ctrl-ai/components-v1
Visual · 5
<Chart><Table><KpiCard><Timeline><Diff>
Phase A
Orchestration · 3
<Branch><ForEach><Parallel>
Phase A
Integration · 5
<PostSlack><PostWebhook><AppendSheet><CreateLinearIssue><McpToolWrapper>
Phase B
AI Capability · 5
<AgentLoop><ResearchAgent><ClassifyAgent><SummarizeAgent><DraftAgent>
Phase C
Data · 1
<CtrlChainResolver>
Phase C
+3 published last release · Phase CCompose with your Ctrls · same audit trail · same receipts

Your library is your moat. The verified components are your speed.
Both signed. Both versioned. Both audited end-to-end on every run.

Apps

Then your team runs Apps.

Forms in. Signed Ctrls through. Typed outputs out.
Every step is a function someone in your company authored, reviewed, and signed. There is no “inline code” for an App to ship. There is no “outside the substrate.”

3-5Ctrls per App · typicalApp runs per Ctrl signed0lines of code authored

ExpenseClassifier

Financereactive

Categorize an expense against your policy.

Vendor
Stripe
Amount
$245.00
Description
Q3 conference travel
→ 6840 · Travel · within policy
2 Ctrls1 Componentcomposed
ReadyRun App

WeeklyComplianceSweep

Complianceproactive

Scan posture every Monday 09:00 UTC.

Trigger
0 9 * * 1UTC
Next fire · in 2d 14h
→ Failing controls + owner notify
2 Ctrls2 Componentscomposed
MonitoringRecent runs

ContractRiskOnUpload

Operationsproactive

Scan contracts the moment they upload.

Trigger
document.uploadedevent
Subscribed · 47 fires this month
→ Risk findings + gate to legal
2 Ctrls2 Componentscomposed
MonitoringRecent runs

Triggers

Reactive Apps wait. Proactive Apps fire.

Cursor and ChatGPT only run when a human prompts them. Ctrl AI also fires Apps on a schedule, a document upload, or another Ctrl's completion. Every fire is a Mission with a “Fired by trigger” banner — never a Mission that materializes from nowhere.

Scheduledcron · Proactive
WeeklyComplianceSweep

Every Monday morning, sweep posture. Flag drift. Notify the compliance owner with a summary + the list of failing controls.

Next fire: Monday 09:00 UTC
cron · 0 9 * * 1
Event-drivenevent · Proactive
ContractRiskOnUpload

When a doc that looks like a contract uploads, scan it for risk clauses. Gate the findings for legal approval before notifying.

Predicate: name matches /msa|nda|sow|contract/i
event · document.uploaded
Chainedchained · Proactive
CustomerEscalation

When sentiment classification returns critical, pull account context, draft a response, gate the send for owner approval.

Predicate: outputs.sentiment === 'critical'
ctrl_completed · classify-support-sentiment
3trigger kinds · all wiredevery minutecron sweep cadenceaudit-logtrigger failures · queryable per App

App Library

Install your first App. 60 seconds.

Curated templates. Every one composed from signed primitives.
Each template carries a manifest of expected Ctrls — install warns about gaps before it runs, with one-click links to the Ctrl drafter. No surprises at runtime.

4starter templates3trigger kinds covered1-clickinstall workflow
Browse the App Library

ExpenseClassifier

Financereactive

Categorize an expense, check it against policy, flag exceptions.

Pipeline
Form · 2-step pipeline
Composition
2 Ctrls1 Component
CuratedInstall

WeeklyComplianceSweep

Complianceproactive

Sweep posture every Monday. Notify owners of failing controls.

Pipeline
Cron · 0 9 * * 1 UTC
Composition
2 Ctrls2 Components
CuratedInstall

ContractRiskOnUpload

Operationsproactive

Scan contracts when they upload. Gate findings to legal approval.

Pipeline
Event · document.uploaded
Composition
2 Ctrls2 Components
CuratedInstall

CustomerEscalation

Supportboth

Manual or auto-fire on sentiment=critical. Pull context, draft response, gate the send.

Pipeline
Form + ctrl_completed trigger
Composition
3 Ctrls2 Components
CuratedInstall

The hub

Every model. Every App. Every answer. Through one signed substrate.

/ask, an App run, a triggered fire from cron or an upload — every invocation routes through one signed substrate to a specific primitive (a Ctrl from your library, or a verified component from the catalog), which decides whether to call a model, pull from data, or both, then returns a typed reply with a sealed receipt.

⌃ Ask
⌃ Slack
⌃ Voice
⌃ Email
⌃ Web
⌃ MCP
Routerscope · trust · model
Claude 4.7
Haiku 4.5
GPT-5.5
Gemini 3.1
Salesforce
HubSpot
Stripe
Notion
Postgres
Active Ctrl · deterministic · Denoapprove-discount@v4
Sarah Chen
Can I give 15% off this $50K deal?
deno · executing
const CAP = { SDR: 0.05, AE: 0.10, VP: 0.20 };
if (discount_pct <= CAP[role])
  return { approved: true };
return { approved: false, required_signer: "CRO" };
Typed replyBlocked · escalate to Sarah Chen (CRO)
Receipt · Ed25519 · seq #2,841

What makes this different

Every tool ships AI now. Only one signs the substrate.

ChatGPT and Lovable generate. Slack AI and Glean answer from chunks. Zapier and n8n compose unsigned workflows. None refuse when the question isn't covered. None cite a human signature. None emit a receipt that the regulator can verify. None ship a two-layer signed substrate with universal components plus your team's rules. We do.

01 · Generative AI

ChatGPT · Claude · Cursor · Lovable · Replit · Gemini

An averaged voice with no company knowledge. Generates anything you prompt — including things you'd never authorize. Vibecoding for the weekend; not production.

internetwikipediaredditblogstweets
? question
⤓ answerfabricated
Refuses when uncovered✕ No
Cites the signer✕ No
Composes only — never generates✕ No
Ed25519 receipt per action✕ No
Two-layer signed substrate✕ No

02 · SaaS AI + automation

Slack AI · Monday · Glean · Zapier · n8n · UiPath

Each app decides independently. Zapier composes workflows, but nothing is signed; Glean answers from chunks, but nothing cites a human. No substrate across systems.

SlackSlack AI
MondayMonday AI
HubSpotHubSpot AI
NotionNotion AI
Refuses when uncovered Partial
Cites the signer✕ No
Composes only — never generates Partial
Ed25519 receipt per action✕ No
Two-layer signed substrate✕ No

03 · Ctrl AI

Two signed libraries · one composition

Composes only from rules your team signed and a catalog of verified universal components. Refuses when no signed primitive applies. Every action emits a receipt with the chain of signatures intact.

Slack
Voice
Email
Web
MCP
discount
refund
expense
clause
deploy
Sarah
Marcus
Jia
Alex
Yuki
Refuses when uncovered Yes
Cites the signer Yes
Composes only — never generates Yes
Ed25519 receipt per action Yes
Two-layer signed substrate Yes

They generate. They silo. They compose unsigned.
We compose from two signed libraries — your rules and a verified universal catalog.

Lifecycle

When your docs change, your AI changes.

But only after a human signs.

No silent updates. No drift. When the policy moves, the Ctrls bound to it move to review pending. Your AI keeps the old rules until your expert reads the diff and re-signs. The receipts chain shows every version forever — and every past receipt is replayable against the new policy. Drift shows up automatically, before your auditor asks.

State 1 of 300:00 / 00:13

Today

Signed and current

discount-policy v3 is signed. All bound Ctrls are verified.

Policy documentdiscount-policy.pdfversion v3

Ctrls bound to this policy · 3

Ctrlapprove-discountverified · v3
Ctrlqualify-dealverified · v2
Ctrlsend-contract-quoteverified · v1
Signed bySarah ChenLast signed 2026-04-12

The standard

Your signed Ctrls live in version control.

A signed Ctrl exports as .ctrl — a canonical YAML file with the schema, the signature, the fixtures, the regulatory citations. Commit it to your repo. PR review for policy. CI fixture runs gate every change. Merge to deploy.
The verified components catalog lives in the open at ctrl-ai/components-v1 (Apache-2.0) — the same canonical-file discipline, the same audit story. Both signed. Both versioned. Both inspectable on disk.

commons/v0/fintech/kyc-check.ctrlon branch · author-kyc-v1
apiVersion: ctrl.dev/v0
kind: Ctrl
metadata:
  slug: commons-kyc-check
  name: KYC Check (Commons v0)
  description: |
    Returns a KYC verification status, including
    PEP and sanctions screening.
  version: 1
  domain: compliance
  dataSensitivity: confidential
  containsPii: true
  riskClass: high
  appliesToJurisdictions: [EU, UK, US]
  satisfiesClauses:
    - framework: amld6
      clause: art-13
spec:
  inputSchema: { … }
  outputSchema: { … }
  implementation:
    kind: data_lookup
    connectorId: PLACEHOLDER-kyc-connector
    toolName: verify
  postConditions:
    - id: review-required-on-pep
      severity: error
      expr: outputs.pepStatus !== "pep" || outputs.reviewRequired === true
  fixtures:
    - name: clear-customer
    - name: pep-flag-triggers-review
signatures:
  author:
    userId: usr_sarah
    signedAt: 2026-05-01T12:00:00Z
Canonical YAML · stable byte order · Ed25519-signable
Add KYC Ctrl with PEP screening
#142 · author-kyc-v1 → main · 1 file changed, +84 −0
Checks · 4 passing
  • Ctrl AI Fixtures· 3 .ctrl files validated · 6 fixtures green
  • typecheck· No type errors
  • build· next build · 38s
  • lint· 0 errors · 0 warnings
Reviewers
⌃ Sarah Chen requested changes resolved · approved
Squash & merge→ triggers org · ctrl:import

Same artifact your auditor verifies. Same artifact the GitHub Action runs fixtures against on every PR. Same artifact any W3C VC verifier can validate offline. Same discipline applies to the verified components catalog on disk.

npm run ctrl:export.github/actions/ctrl-fixturesctrl-ai/components-v1 · Apache-2.0did:web:<org>Ed25519Signature2020

Cross-org by construction

Audit by graph. Authority by passport.

Every decision an AI makes for your company traces back to the chain of signed primitives — your Ctrls and the verified components they compose with — that produced it. And every external agent — your consultant's Claude Code, your vendor's Cursor — carries one passport across every client org, with per-primitive grants signed independently by each.

Decision DAG

Click any answer. See the chain that produced it.

From the receipt drawer → "Why this decision?" → opens /decisions/[invocationId]

Session envelope · sealed
merkle: 9c2a…b074 · 4 receipts
sessionstep 1
lookup-loan-applicant
Lookup Loan Applicant
verifieddata_lookup
⌃ Sarah · CRO
pre-flightstep 2
refuse-pii-export
Refuse PII Export
groundedrefusal
⌃ Mark · GC
rootstep 3
score-credit-risk
Score Credit Risk
groundedgrounded_llm
⌃ Sarah · CRO
triggerstep 4
send-denial-email
Send Denial Email
verifiedexternal_action
⌃ Sarah · CRO
/decisions/[invocationId]Open the live page
Agent passport

One agent. Every client. One passport.

Ed25519-signed by the issuing org. Each client grants per-Ctrl access, independently.

Agent passport
urn:ctrl-passport:pass_abc
Subjectclaude-codevendor · Anthropic
Issued byAcme Consultingdid:web:ctrl.dev:orgs:acme-consulting#receipts-2026
Ed25519Signature2020 · W3C VC v2
Per-org grants matrix
  • Acme Corp
    7 Ctrls granted · read · forecast Ctrls
    live
  • Beta Industries
    12 Ctrls granted · read · audit Ctrls
    live
  • Gamma Holdings
    4 Ctrls granted · read · KYC pack
    live
inter_org_grants · per-row signed by each org

The audit story isn't a separate product.
The Decision DAG falls out of the receipt chain. The grants matrix falls out of the passport table. Compliance is shape, not feature.

Pricing

Every tier ships the same receipts.

Three tiers. The transparency log, the signed Ctrls, the audit trail — every tier gets the full system. Tier is signers and library size, never features.

Team

$199/mo
Small teams getting started
  • Up to 5 signers
  • 25 signed Ctrls
  • Community packs
  • BYOK
Start free trial

Company

Recommended
$399/mo
50-200 person companies
  • Up to 25 signers
  • 100 signed Ctrls
  • Premium packs (SOC 2, GDPR)
  • Slack · voice · email · web · MCP surfaces
  • Audit-grade transparency log
Start free trial

Enterprise

Custom
200+ person companies
  • Unlimited signers + Ctrls
  • SSO + SAML + audit roles
  • Dedicated infrastructure
  • Custom packs + co-signed by your experts
  • Procurement / DPA / red team support
Book a demo
See full pricing Book a demo

Start in 60 seconds

Drop a doc.
Be running in 60 seconds.

Upload 3–5 foundational docs. Sign the Ctrls the extraction agent drafts. Your team installs Apps from the library — reactive and proactive — composed entirely from signed primitives.

Or fork a Ctrl Commons pack — KYC, AML, sanctions screening, FX, audit-cadence — signed scaffolds you re-sign for your jurisdiction.

Try with your policies Or explore a sample company
Or book a demo
PDF / MD / DOCXDrop a doc60 secondsSign one CtrlSlack · voice · email · MCPInvoke from anywhere
Drop a policyor use sample