The platform behind governed AI operations.
Droco is not a single feature. It is the control plane, console, and record layer you need to run AI and infrastructure work in production — and own the result end to end.
One platform, seven surfaces you own.
Each surface is inspectable, exportable, and runs in the environment your policy allows. Together they cover the whole path from request to proof.
Control plane
Identity, tenancy, policy, audit, and exports in one inspectable core. The system of record for who can do what.
Operator console
A full dashboard to read platform posture, approve sensitive work, and pull evidence — not a status page.
Policy & approvals
Sensitive tools are policy-gated. Risky actions wait for a human, tied to identity and time-bound.
Tool registry
Every capability is typed, logged, bounded, and reviewable before it ever touches a real system.
Observability
Metrics, logs, and error tracking wired through the platform so you can see health, not guess at it.
Evidence & exports
Every governed run produces a portable bundle — intent, plan, approval, execution, proof — that you keep.
Self-hostable & federated
Runs in the environment your policy allows, with a core-and-silo model. Portable formats, no lock-in.
How the platform governs every action.
Anything sensitive runs the same loop: a clear request, a specific approval, and a record you keep. This is the spine that makes the rest of the platform trustworthy.
INTENTStart with a clear request.
Before sensitive tools run, Droco captures the requested change, its expected impact, and what is out of scope. The request is tied to a person, agent, or service identity.
{
"summary": "rotate prod database credentials",
"blast_radius": "core-prod",
"tools_required": ["vault.kv.put", "nomad.job.restart"],
"approver_required": true,
"expected_outcome": "services reconnect with rotated credentials"
}APPROVALSpecific, time-bound, and reversible.
Approvals are tied to identity, policy, and environment. Each gate records who approved it, when it expires, and what it allowed.
approval.id : a47f-2826 approval.intent : intent#7821 approval.approver : platform-owner · authorized approver approval.policy : prod.rotate.requires_cto approval.granted_at : 2026-04-25T14:03:11Z approval.expires_at : 2026-04-25T14:33:11Z approval.revocable : true
EVIDENCEKeep proof you can inspect later.
Each governed run produces a bundle with the request, plan, approval, execution log, and related artifacts. Your team can export it, review it, and keep it with the rest of your records.