The brief

Governance is velocity's prerequisite.

Every enterprise deploying agents today has the same three questions on the whiteboard: who can run one, what can it touch, and how do we prove what it did. Those questions do not have clever answers. They have a directory, a policy engine, and an audit log. Powerloom is all three, for agents.

The problem is not the model. It's the fleet.

The agents themselves keep getting better. What isn't getting better — at least not at the same pace — is the plumbing around them. Most "AI governance" products today live inside a single IDE, or a single chat surface, or a single prompt interface. That's sufficient for a prototype and insufficient for a fleet.

When one team has seven agents and another team has fifteen and the legal team has its own quiet three, the question stops being "is the agent doing the right thing" and starts being "who is allowed to deploy an agent here, against which data, with whose credentials, and where is the record." That is an operations problem. It lives in the same domain as PAM, as directory services, as change management. It belongs next to them, not inside a sidebar.

What Powerloom is

Powerloom is a declarative control plane for Claude agents. You describe your organizational tree, you bind roles to it, you register agents under OUs, and you wire up the MCP servers they can reach. Policy decisions — every allow, every deny, every inherited rule — land in a hash-chained audit log. Apply from YAML. Review in PR. Roll back on drift.

The shapes are familiar: OUs, role bindings, approval gates, append-only audit. We did this on purpose. The worst control plane is the one that invents new vocabulary for concepts IT already has good language for.

Five beliefs

  1. Governance is velocity's prerequisite. Nothing ships fast that a CISO cannot sign off on. The way to move fast on agents is to remove the "who's responsible for this" question before it gets asked.
  2. Security by absence. The best attack surface is the one that was never connected. Agents should start with zero scope and earn privileges from the directory, not borrow them from whoever deployed them.
  3. Directory-shaped, not chat-shaped. IT already knows how to reason about OUs, roles, and groups. A control plane that mirrors those shapes is one the operator can audit without reading documentation.
  4. Declarative, diff-able, reviewable. Every change to the control plane is a manifest. Every manifest lands via the same review path the rest of your infrastructure does. There is no magic console button.
  5. The audit log is a product. If you cannot prove, hash-chained, what an agent did yesterday, you cannot credibly run an agent today. The audit log is the artifact the regulator reads.

Who this is for

IT and platform teams at companies that are running more than one agent and have at least one compliance conversation on the calendar. If your first agent was a prototype and your sixth is a production system, this is the moment the plumbing starts to matter.

If you're at one agent and having fun, Powerloom is overkill. Come back when the fleet grows.

What we don't do

We don't build the agents. We don't write your prompts. We don't decide which model you use. We don't host the LLM. Powerloom is the layer that says: given your directory, given your data boundaries, given your audit requirements — here is the control plane that enforces them. Everything else is yours.

Request access →Security & trust