Scale your agents safely

The control plane for OpenClaw fleets — and every other agent. Governance, security, compliance, and observability built in. Bring your own agents; Recursant gives them identity, policy enforcement, and an audit trail that satisfies a security review.

View on GitHub What it does

The problem

AI agents are spreading faster than we can govern them

Frameworks, tools, models, clouds — every team is shipping agents into production. The governance layer has not kept up.

01 · SPRAWL

Agents now reach into every layer — tools, data, APIs, models — across multiple frameworks and clouds.

02 · RISK

Every new agent multiplies compliance, security, and audit risk.

03 · GAP

Most enterprises are scaling without governance — no discovery, no audit trail, no enforcement.

The Solution

The control plane for AI agents

Sits between agents and the systems they talk to. Discovers, traces, and enforces — across any framework, cloud, or runtime.

Today: ungoverned agent sprawl0 agents · ungoverned

Tomorrow: every agent governed40 agents · governed

✕No discovery of ungoverned agents

✓Automatic discovery across every environment

✕No visibility of agent activity

✓Full visibility of every agent decision and action

✕No audit trail

✓Hash-chained, regulator-ready audit across stacks

✕No enforcement of policy

✓Real-time, inline policy enforcement on the network layer

🦞Fine-tuned for OpenClaw

Register every claw. Govern the fleet.

OpenClaw is the fastest-growing personal AI agent platform. Recursant is its control plane. Spin up 50 claws, load the plugin, and every agent appears in your registry — governed, audited, and policy-enforced from a single dashboard.

Fleet registration

Install the Recursant plugin into each OpenClaw gateway. Every agent auto-registers, goes through security review, and appears in your control plane — no manual wiring.

Governed lifecycle

Each claw progresses from DRAFT through automated security testing to ACTIVE. No ungoverned agent reaches production — every one is reviewed before it acts.

Uniform policy enforcement

PII redaction, compliance rules, rate limiting, and a tamper-evident audit trail — applied uniformly across every claw in the fleet from a single registry.

Full fleet visibility

Every tool call, every LLM prompt, every inter-agent message — traced and logged. Live mesh visualizer shows you exactly what your fleet is doing in real time.

Works with any OpenClaw gateway — personal or enterprise

Learn about OpenClaw →

Architecture

Mesh enforces agent policy in real-time

Recursant is built on the service mesh pattern with a control plane and a data plane, the same pattern as Istio for microservices.

Control plane

Registry

Flask + React app backed by PostgreSQL, Redis, and Kafka. The single source of truth for agent metadata, policies, certificates, and audit history. Includes a full web UI for governance workflows and a live mesh visualizer.

FlaskReactPostgreSQLRedisKafka

Data plane

Mesh

A Python sidecar process injected next to every agent pod, mediating all inter-agent traffic over mTLS using the A2A JSON-RPC protocol. Interceptor pipeline runs auth, policy, compliance, PII redaction, guardrails, audit, rate limiting, and resilience.

PythonmTLSA2AKubernetesHelm

Capabilities

AI enforcement on the network layer

Everything you'd build over six quarters of platform work — without the six quarters.

Sidecar mesh, mTLS by default

Sidecar injected next to every agent pod. All inter-agent traffic over mTLS using the A2A protocol with auto-rotating certs.

Real-time guardrails

Pre/post-processing interceptors with regex, vector DB, LLM-as-judge, and ML classifiers. Push policy from the registry, evaluated inline.

Identity & policy

mTLS cert CN, JWT, API key auth. Priority-ordered allow/deny with wildcard matching. Governance status enforced on every call.

Compliance built in

Sovereignty zones, data classification, GDPR consent enforcement. PII detection with Presidio or regex — redact, block, or warn modes.

Observability & audit

OpenTelemetry instrumentation, W3C trace context, hash-chained tamper-evident audit log, live Socket.IO mesh visualizer.

Resilience & traffic

Circuit breakers, retries with backoff, rate limiting, fault injection, weighted routing, failover. Production-grade traffic management.

Multi-cluster HA

Active-active across clusters with PostgreSQL replication and event bridge. Multi-registry failover with health-based promotion.

Kubernetes native

Mutating admission webhook injects sidecars automatically. Helm chart with values overlays. Calico-backed NetworkPolicy enforcement.

Bring your own agents

Works with OpenClaw, LangChain, LangGraph, CrewAI, plain Python, or anything that speaks HTTP. Recursant adds identity and policy — your code stays untouched.

See full feature catalog →

Quick start

From zero to a running mesh in one command

Recursant runs in Kubernetes — Kind for local dev, any cluster in production.

# 1. Configure secrets (LLM API key)
cp .env.sample .env
$EDITOR .env

# 2. Bring everything up — Kind cluster, build, deploy, smoke test
./scripts/install.sh

# 3. Open the registry UI
open http://localhost:8030

Full install guide →

License

Now MIT licensed

Recursant is released under MIT license. You can use it commercially, fork it, or change it as you like. Contributions are more than welcome.

View LICENSE Contributing

Built by

Anders Jensen-Waud

16 years in strategy, tech, and transformation. MBB background (Bain), Principal at Kearney. Anders architects and ships agentic AI systems for tier-1 financial services, telco, and PE — from boardroom strategy to agents in production, from legacy process to agentic workflows.

aj@recursant.ai /in/andersjw @ajensenwaud @aojensen

Every agent will need a supervisor

Star the repo, file an issue, send a PR. Recursant is better with more eyes on it.

ajensenwaud/recursant