We build the system of record for human accountability over AI agents.
Vindicara started as a runtime security engine. It became something more focused: the company that makes the record proving who authorized an AI agent, and what that agent did.
How Vindicara started
Vindicara began as a five-pillar runtime security platform for AI agents, an engine that watched agents in production, caught policy violations, scanned their tools, contained them when they misbehaved, and turned the runtime log into compliance evidence.
The transition to Project AIR
Building that engine surfaced a sharper truth. Prevention is crowded and probabilistic, and agents still go off-script in production. The question customers could not answer was not "can you stop everything," it was "when something happens, can you prove what the agent did and who authorized it." That question had no good answer on the market.
So the five pillars became the substrate, and the answer to that question became the flagship: Project AIR. The runtime engine still runs underneath, but the headline is the evidence and the enforcement that sit on top: monitor every action, enforce a deterministic floor an uncovered agent cannot cross, and prove the result with a signed, anchored, court-supportable record. No agent is autonomous. Every action traces back to a named human, and Project AIR is the record of that authority.
What we believe
We ship proof a buyer can verify, not claims they have to trust.
Enforcement runs as fixed logic, not a model that can be jailbroken.
We state what Project AIR does not do as plainly as what it does.
Every request to this site is recorded as a signed AgDR chain using the same airsdk library you install from PyPI, anchored to public Sigstore Rekor every 60 seconds and published as redacted JSONL. The trust contract is identical to what we sell: signed at the moment of action, not reconstructed from logs.