AI Contractor Runtime Governance
Let Contractors
Use AI On Your Repos
— Safely.
Every external AI-assisted action is isolated, governed, and explainable. Give contractors Claude, Cursor, shell, GitHub, cloud tools, and MCP access without putting your code on unmanaged laptops.
Free pilot. No managed laptop. No sales call required.
SCORE
Security Score
Agents
Threats
Uptime
Live Event Feed
Built on enterprise-grade infrastructure
Let me ask you something
YOUR CONTRACTOR IS USING CLAUDE RIGHT NOW
On your repo. With your secrets. Through a laptop you don't manage. Existing security assumes a managed device. AI-assisted contractors don't have one.
Without OpenSyber
Contractor + Claude + your repo + no visibility.
With OpenSyber
Isolated workspace. MCP gateway. Policy on every tool call. Audit on every action.
The flow
INVITE. ISOLATE. AUDIT.
Three steps. No managed laptop. No VPN. Audit on every AI-assisted action.
STEP 01
INVITE A CONTRACTOR
Email invite plus device-bound enrollment. They open a browser-isolated workspace with Claude, Cursor, and your curated MCP servers pre-installed.
STEP 02
ENFORCE POLICY
Every MCP tool call routes through the OpenSyber gateway. Allow, deny, redact, or step-up. Block prod Terraform. Scope GitHub to a single repo and branch.
STEP 03
AUDIT EVERY ACTION
Prompts, MCP calls, shell commands, and GitHub actions are linked into one chain. Reviewers see exactly what Claude did and which policy approved it.
opensyber invite contractor@example.comBuyer path
FROM DEMO TO GOVERNED CONTRACTOR ACCESS
The first value moment is a denied risky action plus an audit chain. The paid rollout adds identity, SIEM, evidence, and repeatable workspace policy.
For security buyers, the pilot output is concrete: an agent inventory, a Trust Graph baseline, starter policies, and exportable evidence mapped to your audit framework.
- AI contractor inventory
- Baseline Trust Graph
- MCP policy set
- Compliance evidence export
Runtime governance
EVERY ACTION HAS A CHAIN
When a contractor asks Claude to apply Terraform in production, six things happen in order. The gateway sees them all. The audit log keeps them linked.
- Contractordevice-bound session
- Claudeprompt + tool plan
- MCP gatewaypolicy check
- Reposcoped PAT
- Terraform applyprod target
- DENIEDpolicy: no prod apply
Same chain renders in the audit log. Same chain renders in the compliance export.
AI CONTRACTOR RUNTIME GOVERNANCE
A contractor opens Claude in an isolated workspace and asks for a prod Terraform deploy. Watch the gateway deny, the chain explain why, and the audit row land.
Open the contractor demoWhat you get
ONE WORKSPACE, FULL GOVERNANCE
ISOLATED BROWSER WORKSPACE
Contractor opens a hardened browser session. Claude, Cursor, MCP servers and shell are pre-baked. No managed laptop. No VPN. Device-bound session keys via TokenForge.
- Browser isolation (Kasm)
- Device-bound contractor identity
- AI tools and MCP pre-installed
MCP POLICY CHOKEPOINT
Every MCP tool call routes through the OpenSyber gateway. Allow, deny, redact, or step-up auth. Block prod Terraform, force PII redaction, scope GitHub to a single repo and branch.
- Per-workspace MCP allowlists
- GitHub policy bridge (scoped PATs)
- Step-up auth on high-risk tool calls
EXPLAINABLE AUDIT
Every prompt, MCP call, shell command, and GitHub action is linked into one trail. Reviewers see exactly what Claude did, what file it touched, what cluster it hit, and which policy approved it.
- Prompt-to-action linking
- Runtime telemetry (Falco / osquery)
- SOC 2 / ISO 27001 / HIPAA evidence export
Integrates with
WORKS WITH YOUR AI, IDENTITY, AND SOC STACK
OpenSyber sits between contractors, coding agents, MCP servers, source control, cloud, identity, and your SIEM. No rip-and-replace.
Integrations and connectors. Names are trademarks of their respective owners; listing does not imply endorsement.
The four outcomes
DISCOVER. GOVERN. PROTECT. AUDIT.
One workspace covers the full lifecycle of AI-assisted access to your repos and infra — from the first unknown agent to the last audited action.
DISCOVER
See every AI agent, MCP server, and shadow-AI tool touching your stack.
- Full AI agent inventory across teams and contractors
- MCP server and tool discovery
- Shadow-AI detection for unsanctioned assistants
Surface known and shadow AI assets across your connected workspaces
GOVERN
Decide what AI can do before it does it, not after.
- Policy engine as an MCP chokepoint
- Approval workflows for sensitive actions
- Per-agent permissions scoped to repos and infra
Block unauthorized AI actions before they run
PROTECT
Stop secret leaks, prompt injection, and poisoned MCP tools at runtime.
- Secret protection and prompt-injection detection
- MCP rug-pull and cross-session drift detection
- Supply-chain scanning with browser isolation
Catch MCP rug-pulls others miss — across days, not one session
AUDIT
Prove what every AI action did, mapped to repo and infra changes.
- Explainable audit trail for every agent action
- AI Act, SOC 2, and ISO 27001 evidence generation
- Compliance-ready exports on demand
Audit-ready evidence on every AI action
The flagship view
THE TRUST GRAPH
See every relationship between your users, agents, prompts, tools, MCP servers, databases, secrets, and models. One graph that maps how access actually flows across your AI estate.
Questions it answers instantly
Which agents can access customer data?
Which tools use production credentials?
What is the blast radius if this agent is compromised?
What systems are affected when something breaks?
THIS ALREADY HAPPENED
These aren't hypotheticals. These attacks hit real organizations in 2025-2026. Most found out from the news. The ones with monitoring found out in milliseconds.
GOVERN THE AI YOUR CONTRACTORS ALREADY USE
Your contractors are running Claude and Cursor against your repos right now. Keep guessing what they did, or put a gateway and an audit trail between them and prod.
- IsolateBrowser-isolated workspace. Code, secrets, and MCP servers never touch the contractor's laptop.
- GovernEvery Claude and Cursor tool call hits the MCP policy chokepoint: allow, step-up, or deny per call.
- AuditEvery AI action is linked to the repo or infra action it caused — one explainable, compliance-ready trail.
No managed laptop. No VPN. No sales call.