The Engine
Admin authentication required
Or use an existing operator token from the Operator Console

Handvantage The Engine — Infrastructure Control Plane

Unified control and monitoring for zero-trust infrastructure

The Maker
Status Active
Uptime —
Request Count —
Open Maker Console →
The Checker
Status Active
Last Grade —
Last Assessment —
Open Checker Dashboard →
The Engine
Status Active
Policies Loaded —
Enforcement deny-by-default
Local Memory
Status Active
Conversation SQLite + FTS5
Audit Trail Immutable JSONL
LLM Cost $0 / zero API calls
Compliance Evidence Report
Generate a branded PDF with live posture grade, policy inventory, audit summary, and compliance control matrix. Ready to forward to a CISO.

Platform Architecture

AI Operations
Core
Business Operator (8089)
Engine / Admin (8090)
Security Operator (8091)
Checker (internal)
Hindsight Memory (8765)
Identity & Access
Internal
Keycloak SSO (8180)
PostgreSQL (5432)
Workspace Services
Internal
Nextcloud (Files/Cal)
OnlyOffice (Docs)
Synapse (Chat)
Element Web (UI)
Communication
Internal
Stalwart (Email)
Jitsi (Video)
LLM Layer
Internal
Ollama (Host LLM)
NemoClaw (Sandbox)
Edge / Proxy
External
Caddy (reverse proxy)
Cloudflare Tunnel
Audit & Memory Architecture
Active — Zero LLM Cost
Audit Trail
✓
immutable JSONL logs
Conversations
✓
SQLite per-operator
Full-Text Search
✓
FTS5 indexed
Checker Findings
✓
local assessment logs
Policy Engine
✓
runtime enforcement
LLM Cost
$0
no external API calls
—
Services Running
—
Policies Loaded
—
Compliance Grade
—
Audit Events
—
Uptime
Enforcement: deny-by-default
Loading policies...

Live Audit Event Stream

TimeTypeSourceMessage
Loading...
Environment
Loading environment...
Service Architecture
Loading services...
Deployment Commands
Stop All Services
View Logs
Rebuild Single Service
—
Overall Compliance Grade
Checking...

Framework Compliance Scores

Loading compliance data...

Assessment Details

Grade is calculated in real-time from loaded policy YAML files mapped against 11 compliance frameworks: NIST AI RMF, ISO 42001, EU AI Act, SOC 2, PCI DSS v4.0, HIPAA, FINRA, FedRAMP, PIPEDA, Privacy Act (Canada), and TBSDADM (Treasury Board Directive on Automated Decision-Making). When the independent Checker is online, its grade is shown for cross-validation.
Enforcement mode: deny-by-default
Grade formula: Average of per-framework control coverage → letter grade
A: ≥93% B: ≥83% C: ≥73% D: ≥60% F: <60%

Framework Requirement Mapping

Framework Control ID Requirement Test Coverage
Loading framework mappings...
10/10
OWASP Agentic Categories Covered
OWASP Top 10 for Agentic Applications (2026) — 168 automated tests passing

7-Layer Defense Architecture

L7
Supply Chain — SHA-256 manifest, HMAC signing, provenance
L6
Inter-Service Auth — JWT tokens, HMAC payloads, replay protection
L5
Trust Boundaries — 8 zones, zone auth, confidence scoring, exfil detection
L4
Memory Safety — injection scan, PII redact, integrity hash, metadata strip
L3
Tool Guardrails — rate limits, param validation, call budgets, confirmation gates
L2
Prompt Defense — NemoClaw-Guard regex, LLM classifier, canary tokens, base64 decode
L1
Policy Engine — GATEWAY_ROLE isolation, Maker/Checker, plan validation, audit trail

Coverage Matrix — click to expand

▶ ASI-01 Goal Hijacking & Prompt Injection ✓ Covered 47 tests S63
Attackers inject malicious instructions into prompts to hijack agent goals, exfiltrate data, or bypass safety controls.
Controls
  • NemoClaw-Guard regex engine (5 pattern families)
  • LLM-based semantic classifier
  • Canary token detection & alerting
  • Base64/encoding decode before scan
  • Multi-turn drift detection
Framework Cross-References
NIST AI RMF GV-1.3 ISO 42001 A.7.2 EU AI Act Art. 15 Zero Trust: Verify Explicitly
▶ ASI-02 Tool Misuse & Abuse ✓ Covered 26 tests S64
Agents invoke tools with unsafe parameters, excessive frequency, or beyond intended scope, causing unintended side effects.
Controls
  • ToolGuardrails: per-tool rate limiter (sliding window)
  • Parameter validation with type checking
  • Call budget enforcement per conversation
  • Confirmation gates for destructive operations
Framework Cross-References
NIST AI RMF MP-4.1 ISO 42001 A.8.4 EU AI Act Art. 14 Zero Trust: Least Privilege
▶ ASI-03 Excessive Agency & Privilege ✓ Covered 6 tests S63
Agents granted more permissions than needed, enabling lateral movement or unauthorized access to sensitive systems.
Controls
  • GATEWAY_ROLE isolation (Business/Security/Engine)
  • TOOLS_BY_ROLE per-container tool allowlists
  • 3-container architecture separation
  • JWT-authenticated cross-service calls
Framework Cross-References
NIST AI RMF GV-3.2 ISO 42001 A.6.2 EU AI Act Art. 9 Zero Trust: Least Privilege
▶ ASI-04 Supply Chain Vulnerabilities ✓ Covered 22 tests S65
Compromised tools, poisoned models, or tampered configurations introduced through the supply chain.
Controls
  • SupplyChainVerifier: SHA-256 file hashing
  • HMAC-signed manifest verification
  • Tool provenance tracking
  • 3 verification modes (strict/warn/audit)
Framework Cross-References
NIST AI RMF MP-2.3 SLSA Level 3 ISO 42001 A.10.2 EU AI Act Art. 15
▶ ASI-05 Unsafe Code Execution ✓ Covered 6 tests S63
Agents execute arbitrary code, shell commands, or scripts without proper sandboxing, enabling system compromise.
Controls
  • NemoClaw sandbox environment
  • No inline exec/eval in gateway
  • Shell injection regex detection
  • Execution timeout enforcement
Framework Cross-References
NIST AI RMF MP-4.1 ISO 42001 A.8.2 Zero Trust: Assume Breach
▶ ASI-06 Context Poisoning ✓ Covered 14 tests S64
Malicious content injected into agent memory or context windows, corrupting future decisions and outputs.
Controls
  • MemorySanitizer: injection pattern detection
  • PII redaction before storage
  • SHA-256 integrity hashing on recall
  • Metadata stripping
  • Unicode normalization
Framework Cross-References
NIST AI RMF MG-3.2 ISO 42001 A.7.4 EU AI Act Art. 10 Zero Trust: Verify Explicitly
▶ ASI-07 Inter-Agent Communication ✓ Covered 23 tests S65
Unauthenticated or unsigned messages between agents enabling spoofing, replay attacks, or privilege escalation.
Controls
  • InterServiceAuth: JWT token generation & verification
  • HMAC payload signing
  • Replay protection with nonce cache
  • Audit trail for all cross-service calls
Framework Cross-References
NIST AI RMF GV-6.1 ISO 42001 A.9.3 SLSA: Build Integrity Zero Trust: Verify Explicitly
▶ ASI-08 Cascade Failures ✓ Covered ✓ S63
A failure in one agent or tool cascades across the system, causing widespread outage or data corruption.
Controls
  • Retain queue for Hindsight resilience
  • Multi-level timeout enforcement
  • Budget caps per conversation
  • Concurrency semaphore limiting
  • Health check endpoints with auto-recovery
Framework Cross-References
NIST AI RMF MG-2.4 ISO 42001 A.5.4 Zero Trust: Assume Breach
▶ ASI-09 Trust Exploitation ✓ Covered 14 tests S64
Agents blindly trust inputs from other agents or external sources, enabling privilege escalation and data exfiltration.
Controls
  • TrustBoundaryEnforcer: 8 trust zones
  • Per-zone authorization checks
  • Confidence scoring for cross-boundary requests
  • Exfiltration detection patterns
Framework Cross-References
NIST AI RMF GV-1.6 ISO 42001 A.6.4 EU AI Act Art. 9 Zero Trust: Never Trust
▶ ASI-10 Rogue Agents & Autonomy ✓ Covered 10 tests S63
Agents operate beyond their intended scope, spawn unauthorized sub-agents, or accumulate unchecked autonomy.
Controls
  • PlanValidator: subtask limits & cycle detection
  • Budget enforcement per plan
  • Maker/Checker dual-operator architecture
  • Comprehensive audit logging
Framework Cross-References
NIST AI RMF GV-3.2 ISO 42001 A.4.3 EU AI Act Art. 14 Zero Trust: Least Privilege

Framework Coverage Summary

7/7
NIST AI RMF Controls
8/8
ISO 42001 Annex A
5/5
EU AI Act Articles
2/2
SLSA / Zero Trust

Hardening Roadmap

S63 ✓ Document + test existing controls (ASI-01, 03, 05, 08, 10) S64 ✓ Targeted hardening: tool rate limits (ASI-02), memory sanitization (ASI-06), trust boundary (ASI-09) S65 ✓ Advanced controls: supply chain verification (ASI-04), inter-service JWT auth (ASI-07)

Automated Test Results

ASI-01: Goal Hijacking
Role hijack: 10 tests
System prompt exfil: 6 tests
DAN/Jailbreak: 8 tests
Delimiter spoof: 5 tests
Shell execution: 3 tests
Unicode bypass: 3 tests
Base64 obfuscation: 1 test
Canary tokens: 2 tests
Indirect injection: 3 tests
Multi-turn drift: 2 tests
Secret exfil: 4 tests
47/47 passed (100%)
ASI-03/05/10: Structural Controls
Tool role isolation: 3 tests
Write confirmation: 1 test
Gateway role source: 2 tests
No inline exec/eval: 1 test
Code exec delegation: 2 tests
Shell injection regex: 3 tests
Subtask limits: 3 tests
Circular dep detection: 3 tests
Prompt length limits: 2 tests
Budget enforcement: 1 test
Dep bounds: 1 test
22/22 passed (100%)
ASI-02/06/09: S64 Hardening
Rate limiter: 7 tests
Param validation: 8 tests
Call budget: 8 tests
Guardrails integration: 3 tests
Injection detection: 6 tests
PII redaction: 3 tests
Integrity hash: 2 tests
Metadata strip: 1 test
Unicode normalization: 1 test
Zone authorization: 6 tests
Cross-boundary: 3 tests
Confidence scoring: 5 tests
54/54 passed (100%)
ASI-04/07: S65 Supply Chain + Comms
File hashing: 4 tests
Manifest sign/verify: 5 tests
Supply chain verifier: 9 tests
Single file verify: 1 test
Tool tamper detection: 1 test
Summary format: 1 test
Token generation: 4 tests
Token verification: 8 tests
Payload signing: 5 tests
Nonce cache: 5 tests
Auth headers: 3 tests
Audit trail: 2 tests
45/45 passed (100%)
Hindsight Memory
Checking status...
Loading memory banks...

Search Across All Banks

Reflect (AI Reasoning)

Enterprise Hindsight Architecture
Per-User Banks: Each operator gets isolated memory (user-{id})
Department Banks: Shared context within business units (dept-{name})
Org Decisions: Cross-team decisions, rulings, exceptions auto-captured
Policy Knowledge: Governance policies indexed for LLM grounding
Audit Banks: Searchable supplement to immutable JSONL audit trail
Entity Extraction: Configurable (local LLM or cloud provider)

Platform Users

Create New User

Reset Password

User:
Username Display Name Role Department Status Last Login Actions
Loading users...