The full picture. What Sentinel watches, how it decides, how it learns your guardrails, and exactly what it covers. Deterministic at the core, in your own boundary.
One wrong tool call reads a secret, ships your data, or runs a destructive command. By the time a human reviews the transcript, the side effect has already landed.
Same enforcement underneath, two surfaces on top. The developer sees only their own work. The security owner sees the whole fleet and gets to the five things that need a human in ten seconds.
Every endpoint, ranked. Sentinel rolls a repeated threat across many developers into one finding instead of hundreds.
One clear card: what the agent tried, why it stopped, and a single button to release it. No dashboards, no rules, no noise.
Every action is checked before it runs. The rules that protect credentials are fixed and never touch a model. Only the genuinely ambiguous cases escalate, and only to a model you own.
As your developers approve and deny actions, Sentinel learns what is normal for each workspace. Once the pattern is clear it recommends a specific policy in plain language and waits for a person to approve it. Nothing is enforced from a guess, and there is nothing to write.
Every action in the agent's path, evaluated in process at the moment it happens. Mapped to the agent loop, here is what runs through the checkpoints.
Sentinel ships today as a native Claude Code hook. One line of init and every action routes through the checkpoints. More runtimes are next.
The core is deterministic and runs in process, with no model on the block path. Credentials and hard rules are always decided that way. Only genuinely ambiguous cases can escalate to a model, and you choose which one. It runs in your boundary, never on Tuent's.
No. Checks run in the same process as your agent and finish in well under a millisecond. There is no network hop, so the overhead is not something you or your agents will notice.
It is stopped at the pre-execution checkpoint before it runs, so the side effect never lands. The agent gets a denial, the event is written to the audit trail, and on a soft flag the developer can release it in one click.
You do not write rules. Sentinel learns from the actions your developers approve and deny, then recommends a specific policy in plain language for a person to approve. Credentials and other hard rules are blocked by default from day one.
Claude Code today, through a native hook. That is the only live integration to start. Support for additional runtimes is on the roadmap, and the policy model is built to extend without forking per tool.
No. Sentinel runs on-prem. Even model escalation uses an endpoint you bring, inside your own boundary, so nothing about your agents, code, or actions reaches Tuent.