Bring agents into real workflows with policy, checkpoints, confirmations, and receipts before risky actions create real side effects.
Agents are moving from demos into real execution. They edit repositories, run commands, call APIs, write data, send messages, trigger deployments, and touch customer workflows.
The missing layer is not another agent builder or after-the-fact log viewer. Teams need a runtime control path that answers four questions before agent actions become real:
| Control surface | Question |
|---|---|
| Policy | What is allowed, what must be confirmed, and what must be blocked? |
| State | What can be checkpointed, restored, retried, or forked? |
| Action | Which side effects can run automatically, and which need a gate? |
| Evidence | What receipt proves the policy, checkpoint, action, and decision? |
BeforeWire builds open-source components for that path.
ForkCell is a governed execution-cell layer for AI agents: fast workspace rollback, policy-bound runs, and reviewable receipts.
pip install forkcell==0.1.0a2Current preview proof on macOS + Docker Desktop:
| Backend | Scenario | Result |
|---|---|---|
native-overlay |
500-file small repo | 550ms full governed restore path |
native-overlay |
2,408-file webapp workspace | 445ms full governed restore path |
native-overlay |
6,024-file dependency/cache workspace | 490ms full governed restore path |
local-overlay |
6,024-file dependency/cache workspace | 243ms restore |
volume-delta |
6,024-file dependency/cache workspace | 418ms restore |
Boundary: native-overlay reports restore_sync_ms=0ms for the workspace restore substrate. Full governed execution still includes sandbox lifecycle, command execution, optional log collection, and receipt generation.
BeforePaste is a local-first paste protection tool for AI workflows. It helps developers review and control what crosses the clipboard boundary before sensitive or destructive content reaches an AI tool.
BeforeWire's long-term category is Agent Trust Infrastructure for enterprise agent execution.
The product direction is an Agent Runtime Control Layer that can sit between agents and real systems:
agent plan
-> runtime policy
-> checkpoint recoverable state
-> gate risky side effects
-> execute or restore
-> emit an action receipt
This is especially important for long-horizon agents: a single task may span many tool calls, files, commands, API requests, and partial side effects. The longer the chain, the more teams need recovery points, action gates, and evidence artifacts.
BeforeWire is not trying to be:
- a generic agent builder;
- a generic security scanner;
- a promise that every external side effect can be rolled back;
- a claim that local developer machines provide cloud MicroVM-grade isolation.
The boundary is explicit:
Recoverable state gets checkpoints.
Irreversible actions get policy, confirmation, blocking, or compensation.
Every important decision gets a receipt.
BeforeWire is designed for teams asking:
- Which agent actions can run automatically?
- Which actions must be confirmed by a human or policy decision point?
- Which workspace states can be restored after a failed subtask?
- Which external side effects happened, and under which policy revision?
- What evidence can be attached to a PR, audit trail, or incident review?
If that is the control layer you need, start with ForkCell and follow the public preview releases.