For cloud, security, governance, and agent-platform reviewers
Cloud-governance prepilot
DVS helps technical reviewers see exactly what can move forward, what must stop, and why.
The problem it answers
- Generated claims can sound complete before they are supported.
- Agent tool calls can cross into downstream systems before review catches up.
- Governance teams need proof of why an action was allowed, blocked, or quarantined.
Fast answers for reviewers
Can you show a deterministic block, receipt, and replay record?
Yes, in a bounded local-alpha review. The proof path is: propose an action, run it through the DVS boundary, block or quarantine the unsupported case, record the decision as a receipt, and replay the same fixture to show the same boundary result. The public site does not expose private internals, but the review target is concrete: allowed action, blocked action, receipt, and replay record.
What stays local, and what leaves the boundary?
Private source material, internal server state, local databases, credentials, and raw working files stay inside the controlled environment. What can leave is a bounded review artifact: claim boundary, receipt summary, hash or nonce reference, and sanitized explanation of why an action was allowed, blocked, or quarantined.
What is implemented now versus planned for a private cloud prepilot?
Implemented now: local-alpha boundary evidence, deterministic receipt patterns, replay-oriented checks, public-safe documentation, and MCP security-wrapper positioning. Planned next: a private cloud prepilot with single-tenant review, explicit ingress and egress rules, hardened connector boundaries, and a recorded two-case demo that shows one allowed path and one blocked path.