Culper for Engineers: Run Agents Like Production Software

Culper sits between your agents and the tools they touch. Every consequential action is checked against versioned policy and written to a record you can stand behind.

You shipped the agents. The controls didn't ship with them.

Agents with real tools are refunding customers, migrating schemas, and purging mailboxes in production today. Production software gets review, CI, and rollbacks. Agent actions get a system prompt.

• Actions leave no receipt. Without a write-once record per decision, "why did this happen in March" is unanswerable.
• Policies live in prompts. A refund cap in a system prompt is a hope. Nothing versions it, nothing tests it against history, and it proves nothing after the fact.
• Retrieved content becomes instructions. Any text an agent reads can steer its next tool call. At fleet scale, injection is an operating assumption.

Every action, judged before it lands

One wrapper sits between every agent and every tool. It knows where each argument came from, judges the intent against the policy versions in force, and writes the decision to an append-only event. Provenance the agent can't fake; a record that can't be edited.

High-stakes actions wait for a human

Policies decide which actions are consequential enough to hold. The approver sees the intent, the arguments, the agent's reasoning, and exactly which rule fired, then approves, modifies, or denies. That decision joins the record too.

Enforcement is earned

Culper starts in shadow mode: watching real traffic and recording what it would have held or blocked, while stopping nothing. Replay draft policies against your own history, then turn enforcement on per environment, deliberately.

Wrap your tools once

Govern a tool with a decorator, or a whole toolkit with one call. Agent code doesn't change; policy lives outside the prompt where it can be versioned, tested, and proven. Works with MCP, LangGraph, OpenAI Agents, the Anthropic SDK, and any HTTP tool. The event spine streams to your warehouse and SIEM.

Put your agents on the record

Shadow mode in an afternoon. No agent code changes required. Book a demo, see Culper for risk teams, or explore the Culper product overview.