You can't control what your AI agent does. No budgets. No policies. No audit trail.
LeanCTX enforces roles, tool policies, token budgets, workflow gates, and SLO-driven degradation. Define who can use which tools, set hard limits on cost and tokens, gate transitions between workflow stages with evidence requirements, and run a team server with workspace isolation and audit logs.
No Guardrails, No Control
Without guardrails, AI agents can blow through token budgets, skip mandatory review steps, execute dangerous commands, and operate without any audit trail. Teams have no control over agent behavior.
Define workflows with mandatory checkpoints, cost budgets, and role-based permissions in a simple TOML file.
9 tools
Roles & Policies
Fine-grained tool access control per role with allow/deny lists and scope restrictions.
Workflow Gates
Evidence-gated state machines enforce Plan → Code → Test transitions with tool receipts.
Budget Controls
Token, cost, and shell execution budgets with automatic SLO enforcement.
Team Policies
Team Server with workspace scoping, audit logs, rate limiting, and multi-tenant isolation.
Token Scopes & ACL
Fine-grained access control per team token. Scope events, session mutations, and knowledge access independently.
Audit Trail
Every event and tool call is logged with timestamp, agent identity, and scope. Full observability for compliance.
Redaction Policies
Event payloads are redacted based on configurable policies. Sensitive data never leaves the server boundary.
Context Overlays
Reversible context mutations: pin, suppress, boost, or mark stale. Overlays stack per-project and persist across sessions.
Context Policy Engine
Declarative TOML rules for automatic context governance. Auto-pin patterns, enforce token limits, mark outdated files — all project-configurable.
5 MCP tools
ctx_workflow: Workflow rails (state machine + evidence). Actions: start|status|transition|complete|evidence_add|evidence_list|stop.
ctx_cost: Cost attribution (local-first). Actions: report|agent|tools|json|reset.
ctx_review: Automated code review: combines impact analysis, caller tracking, and test discovery. Actions: review (single file), diff-review (from git diff), checklist (structured review questions).
ctx_wrapped: Savings report card. Deprecated alias for ctx_gain action=wrapped.
ctx_execute: Run code in sandbox (11 languages). Only stdout enters context. Raw data never leaves subprocess. Languages: javascript, typescript, python, shell, ruby, go, rust, php, perl, r, elixir.
Every output carries proof
LeanCTX generates proof artifacts for every session: which files were read, what was compressed, which checks passed, and how tokens were spent. This makes AI work auditable, replayable, and trustworthy.