AXIS by Kipple Labs
Talk to us
Kipple Labs · AXIS Protocol

Deploy agents you can actually trust.

Right now, businesses are deploying agents into production with no way to contain them.

See how it works Talk to us
The AXIS Pattern

Same agent. Same prompt. Different wiring.

The credential moves out of the agent's environment and into the Gateway. The agent receives a scoped, signed, time-bound delegation. Network policy keeps the chokepoint honest.

Without AXIS
9 seconds to production loss
Agent Cursor + Opus RAILWAY_TOKEN blanket auth · no expiry direct DELETE call Railway production API 200 OK volume deleted
Outcome The agent held a long-lived, production-wide credential. When it misbehaved, nothing stood between it and total loss. The model's reasoning failure was inevitable. The blast radius wasn't.
With AXIS
Bounded · 0 production impact
Agent Cursor + Opus Delegation staging:read,write signed · 24h Gateway policy + audit DENIED scope mismatch Railway production API untouched
Outcome The agent held a scoped delegation, not a raw credential. The Gateway saw the destructive request, checked scope, and denied it before it left the operator's network. Same model behavior. Different outcome.
In April 2026, a coding agent at PocketOS deleted the company's entire production database and every backup in nine seconds. The agent didn't go rogue. It had written rules telling it never to run destructive operations. It read those rules, decided they were getting in the way of solving the problem, and ran the deletion anyway. That's not a bug. That's what happens when a text prompt is the only thing standing between your agent and your production systems. Prompts are instructions. Instructions can be reasoned around. AXIS replaces the text with a hard limit, the credential itself doesn't have the permission, and no amount of reasoning changes that. Public incident reported April 2026. Source: cybersecuritynews.com.
Why now

Three forces. One window.

Deployment, vendor strategy, and model economics are all pushing in the same direction. We're building into the gap they're opening.

01 · Deployment

Deployment is outrunning governance

Teams are pushing agents into production systems now. Security frameworks don't exist yet. Your CISO is afraid. That fear is the entire market.

02 · Vendors

Every incumbent solves this inside their walled garden

Palantir, Microsoft, Google, AWS all have delegation and audit. Every one locks you to their model roster. Model portability dies when you adopt their governance. That's not solving the problem; that's moving it down.

03 · Economics

Model choice is a business decision, not a technical one

Cost, availability, performance, bias. Every model is a different trade-off. Operators should swap models without rebuilding governance. Right now they can't. That's the gap.

The category

All the governance. None of the chains.

Your business shouldn't have to choose between safe agents and the freedom to use whatever AI model you need. Every major platform — Microsoft, AWS, Palantir — forces that choice the moment you adopt their governance tools. And it's not a policy you can negotiate around. It's structural: their guardrails are bolted to their model roster. Switch models, lose the guardrails. AXIS separates the two. Governance is ours. Model choice is yours.

Product Governance Model choice Vendor lock-in
Microsoft Copilot Studio Microsoft only Full
AWS Bedrock Agents AWS roster Full
Palantir AIP Enterprise contract Full
AXIS / N7 Any, swap freely None
Product

Two ways in. One standard underneath.

Already have agents deployed? The SDK bolts governance on without rebuilding anything. Starting fresh? N7 gives you governance as the foundation, not a feature — with full freedom to swap AI models whenever you need to. Same identity standard either way.

Path 1

AXIS SDK

Add governance to existing deployments. No rebuild, no architecture change. Agents get verifiable identity, scoped permissions, signed actions, instant revocation. When the operator is ready for the full harness, N7 is the upgrade path.

For operators Already deployed and not ready to migrate. Free foot-in-the-door to identity-aware agent work.
Path 2

N7 Runtime

Deploy agents on a foundation built for governance. Governance isn't a feature, it's the floor. Model-agnostic: Anthropic, OpenAI, Google, Mistral, Ollama. Tiered routing picks the right model for the right turn, cost-aware. Running in production at Offworld News today.

For operators Deploying agents fresh. Governance in from day one, not bolted on.
Defensibility

The product is the business. The standard is the upside.

N7 wins on integration discipline and a developer experience for governed agent deployment that incumbents can't replicate without rebuilding their core. AXIS is the open protocol that compounds that lead over time. If it becomes the reference implementation, the one the spec-writers reference when they write the spec, the upside is category-defining. But the business doesn't require that outcome to work.

Why the product wins

  • 01
    Governance incumbents can't bolt on Microsoft, AWS, and Palantir built governance inside their model stacks. Rebuilding it model-agnostic isn't a feature add, it's an architecture change. That gap doesn't close with a product update.
  • 02
    Best developer experience, no lock-in The best deployment and agent interface experience for governed agent work, with full freedom to swap AI models. Not governance as a feature. Governance as the floor, from day one.
  • 03
    Open core flips procurement Enterprises don't adopt proprietary agent identity protocols from startups. Apache 2.0 removes the procurement objection before anyone looks at features. Closed-source competitors lose that conversation by default.
  • 04
    A vendor can ship a competing product. They can't ship a competing standard. Cloudflare can build a gateway. They cannot make it the gateway without multi-party adoption of the protocol underneath. That constraint applies to every IAM incumbent.

What's already filed

  • Filed Q1
    W3C DID working group First cross-operator delegation use case on the working group's docket. Defines the pattern AXIS implements. Being in the room before the market decides it matters is a position unavailable to anyone who enters later.
  • Filed Q1
    NIST NCCoE National Cybersecurity Center of Excellence engagement on agent identity gaps. Government-facing credibility. Standards-track engagement started in 2025, that lead doesn't reset.
  • Live
    Open spec, Apache 2.0 Protocol, reference implementations, and conformance suite all public. Adoption-friendly by design, not vendor-locked by accident.
  • Planned
    Foundation-track governance Independent stewardship at adoption scale. The Red Hat / Docker / HashiCorp pattern, the intended destination, not a promise the business depends on today.
Status

Built. Running. Public.

Protocol v0.2 published

Spec, manifest format, registry interface, conformance suite. Apache 2.0 licensed. Public on GitHub.

AXIS Prime registry live

Canonical operator key lookup and public verification endpoint. Running on Cloudflare Workers.

AXIS SDK

Register an agent, sign tokens, verify identity, in one small library. Zero dependencies. Runs in Node, Cloudflare Workers, Deno, Bun, and the browser. Available on GitHub.

N7 Runtime

Run agents with governance built in. Capability-sandboxed skills, signed approvals, full audit trail. The harness this site was built on.

Offworld News reference implementation

Five-agent editorial newsroom running on N7 and the AXIS SDK pattern. Production traffic since 2025. Agent-signed commentary, identity-aware engagement.

Standards engagement active

First cross-operator delegation use case filed with W3C DID working group. NIST NCCoE submission live. Not planned, filed.

The ask

We're looking for design partners.

Let's build this together

We're looking for 3 to 5 technical teams deploying agents into production systems right now who want to build alongside us.

Run N7 or the AXIS SDK with your next agent deployment. Free. We scope the integration based on what you're solving. You get governance infrastructure built for your specific use case. We get signal on what matters. After 90 days, we decide whether it makes sense to go deeper.

If that's you, let's talk.

Schedule a conversation Visit AXIS Prime Read the spec on GitHub