Agent Sentinel — Governance Plane for AI Agents

Created by team Agent-Sentinel on May 18, 2026
Agent Security & AI Governance - Veea, AI Agents with Google AI Studio, Data & Intelligence

Enterprises deploying AI agents face three production blockers: no audit trail, no policy enforcement, no cost accountability. Agent Sentinel solves all three.

Drop Sentinel in front of any MCP- or A2A-speaking agent. Every tool call passes through a four-stage pipeline: a sub-5ms static engine (regex denylists, role ACL, refund caps), a cheap drift detector for prompt-injection markers, an inline Gemini 2.5 Flash gate with structured output, and, for the ambiguous 20%, Gemini 2.5 Pro escalation that reads whole policy documents via Cached Content. No chunking, no RAG drift.

Each decision becomes a hash-chained, HMAC-signed audit receipt that cites the exact policy version. The same loop emits a per-business-unit cost event for chargeback. Sentinel also publishes its own Google A2A agent card at /.well-known/agent.json so peer agents can discover the governance plane.

Verified end-to-end with real Gemini: 96.8% accuracy across 155 labeled scenarios spanning 12 categories (happy path, PII variants, injection variants, role matrix, regulatory, edge cases, drift); 88 passing pytests; INTEGRITY: PASS on the hash-chained ledger after a tamper-injection test; 5,000 receipts load-tested at 800 req/s with zero chain breaks. Live at https://agent-sentinel.up.railway.app.

Three buyers, one architecture: compliance officers get queryable evidence with cited policy versions, CISOs get inline enforcement plus prompt-injection defense, CFOs get per-BU cost attribution. Built end-to-end on Google's stack: Gemini 2.5 Flash + Pro, Cached Content, Files API, A2A, and a flagship adapter for Google ADK. Cloudflare for AI agents.
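A minimal sketch of a hash-chained, HMAC-signed receipt ledger and the integrity check that a tamper-injection test exercises. This is an added example, not Agent Sentinel's own code; the field names, the all-zero genesis value, the use of SHA-256 and the policy-version string are assumptions.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed prev_hash for the first receipt


def canonical(body: dict) -> bytes:
    # Deterministic serialization so signer and verifier hash identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def append_receipt(ledger: list, key: bytes, decision: dict) -> dict:
    """Append a receipt that commits to the previous receipt's hash."""
    prev_hash = ledger[-1]["hash"] if ledger else GENESIS
    body = {**decision, "seq": len(ledger), "prev_hash": prev_hash}
    raw = canonical(body)
    receipt = dict(body,
                   hash=hashlib.sha256(raw).hexdigest(),
                   sig=hmac.new(key, raw, hashlib.sha256).hexdigest())
    ledger.append(receipt)
    return receipt


def verify_ledger(ledger: list, key: bytes):
    """Return (True, None) if intact, else (False, index of first bad receipt)."""
    prev_hash = GENESIS
    for i, receipt in enumerate(ledger):
        body = {k: v for k, v in receipt.items() if k not in ("hash", "sig")}
        raw = canonical(body)
        expected_sig = hmac.new(key, raw, hashlib.sha256).hexdigest()
        ok = (body.get("seq") == i
              and body.get("prev_hash") == prev_hash
              and hashlib.sha256(raw).hexdigest() == receipt.get("hash")
              and hmac.compare_digest(expected_sig, str(receipt.get("sig", ""))))
        if not ok:
            return False, i
        prev_hash = receipt["hash"]
    return True, None


def build_sample_ledger(key: bytes) -> list:
    # Constructed sample decisions; tool names and policy version are illustrative.
    ledger = []
    for tool, verdict in [("refund", "allow"), ("export_pii", "deny"), ("refund", "escalate")]:
        append_receipt(ledger, key, {"tool": tool, "verdict": verdict,
                                     "policy_version": "refund-policy@v3"})
    return ledger
```

Removing receipts from the end of the ledger leaves a chain that still verifies, so the latest hash has to be anchored somewhere outside the ledger for truncation to be detectable.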
