Gamut Gateway
The policy enforcement layer for agentic AI action.
Gamut Gateway evaluates proposed agent actions before execution. It controls model-provider egress, connector calls, approval gates, tool boundaries, data classification, runtime logging and audit evidence.
Policy decision
Evaluate the proposed action against autonomy level, tool permission, data class, risk state, target system and approval requirements.
Connector enforcement
Route approved tool calls through tenant-configured connectors with endpoint validation, path allowlists, bounded payloads and redacted responses.
Model-provider egress
Claw does not call model providers directly. Gateway enforces policy and becomes the controlled egress point for model invocation.
Supported Gateway-mediated action patterns
- Governed assessment context through CAG
- Model invocation after Gateway policy approval
- MCP tool calls through approved server boundaries
- RAG search and retrieval with bounded, cited and redacted output
- SIEM and SOAR security actions through approved connectors
- Read-only database queries under strict query policy
- Configurable HTTP API requests
- Webhook sends to approved destinations
- Code repository actions under scoped repository permissions
- Gamut writeback for approved findings and evidence requests
Connector security controls
| Control | Why it matters |
|---|---|
| Environment-backed credential references | Raw customer secrets are not stored in Gamut tables and are not handed to Claw. |
| Endpoint and origin validation | Connector calls are restricted to approved endpoints and cannot escape to another origin. |
| Path allowlists | HTTP, webhook and repository connectors can be limited to approved route patterns. |
| Bounded request and response sizes | Payloads and responses are size-limited to reduce abuse and data leakage. |
| Response redaction | Connector output is redacted before storage, workflow use or display. |
| Audit evidence | Gateway decisions, connector use and enforcement outcomes become evidence for assurance and incident review. |
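A minimal sketch of how the first four connector controls in the table can be checked in code. This is an added example, not Gamut's implementation; `ConnectorPolicy`, `check_request`, `filter_response`, the redaction pattern and the sample hostnames are all assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from fnmatch import fnmatchcase
from urllib.parse import unquote, urlsplit

@dataclass(frozen=True)
class ConnectorPolicy:  # hypothetical shape, not Gamut's schema
    origin: str              # the one approved scheme://host[:port]
    path_allowlist: tuple    # glob patterns; note "*" also matches "/"
    max_request_bytes: int
    max_response_bytes: int

_DEFAULT_PORTS = {"https": 443, "http": 80}
_SECRET = re.compile(  # constructed pattern for key/value style secrets
    r"(?i)\b(authorization|api[_-]?key|token|password)\b"
    r"([\"']?\s*[:=]\s*[\"']?)(?:bearer\s+)?[^\s\"',}]+")

def _origin(url):
    parts = urlsplit(url)
    port = parts.port or _DEFAULT_PORTS.get(parts.scheme)  # ValueError on a bad port
    return parts.scheme, (parts.hostname or "").lower(), port

def check_request(policy, url, body):
    """Return (allowed, reason) for a proposed outbound connector call."""
    try:
        parts = urlsplit(url)
        if parts.username or parts.password:
            return False, "userinfo in URL"
        if _origin(url) != _origin(policy.origin):
            return False, "origin not approved"
    except ValueError:
        return False, "malformed URL"
    path = unquote(parts.path) or "/"
    # Decode once, then refuse anything still encoded or able to climb out.
    if "%" in path or "\\" in path or ".." in path.split("/"):
        return False, "path traversal or double encoding"
    if not any(fnmatchcase(path, pat) for pat in policy.path_allowlist):
        return False, "path not allowlisted"
    if len(body) > policy.max_request_bytes:
        return False, "request too large"
    return True, "ok"

def filter_response(policy, body):
    """Return (accepted, text); text is redacted before storage or display."""
    if len(body) > policy.max_response_bytes:
        return False, ""
    text = body.decode("utf-8", errors="replace")
    return True, _SECRET.sub(r"\1\2[REDACTED]", text)
```

The origin comparison uses the parsed scheme, host and port rather than a string prefix, so a lookalike host such as `siem.example.internal.evil.example` does not pass.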
Why Gateway matters
Agentic AI changes the governance problem because agents may take actions, not just produce outputs. Gateway is designed to make those actions visible, bounded, approved and reviewable before they affect data, systems, customers or operations.
In the Gamut operating stack, Gamut AI is the system of record, Gateway is the enforcement layer, Claw is the bounded execution worker, and Workflow Studio designs the governed workflow.