runestone labs gatekeeper
Early access

DESIGN PARTNERS

Shape Gatekeeper
with us.

Five slots this quarter. Direct founder time, a custom feature built for your stack, hosted tier free for a year when it ships. For teams putting agents into production — not roadmaps.

● OPEN SOURCE

Don't need us. Just install it.

OSS works today. v0.3.1, Apache‑2.0, 268 tests, production‑tested. No signup required. 

npm i @runestone-labs/gatekeeper-client

docker run -p 7337:7337 \
  ghcr.io/runestone-labs/gatekeeper:latest
Read the source →
Q2 cohort · 5 slots
◆ DESIGN PARTNER

Work directly with the founder. For 6 weeks.

If you've got a real agent workload and real stakes, we'll tune Gatekeeper to your stack, ship a bespoke feature, and put your logo on the launch post. You get the hosted tier free for a year when it lands.

Apply → Or email direct

What you get

Weekly 1:1 with me
Not a "partner success manager" — the founder. Debugs, policy reviews, roadmap conversations. 45 minutes, every week, for six weeks.
Private Slack channel
Sub-hour response during US work hours. Send us your policy files, your weird edge cases, your "wait this doesn't do X" — we'll be in it with you.
One custom feature
Within scope, shipped in four weeks. You tell us what's missing; we build it. Real influence on what ships, not a suggestion box.
Policy templates for your stack
We co-write the YAML with you, tuned to your agent framework (MCP, LangChain, Claude SDK, custom), your threat model, and your deploy environment.
First access to unreleased features
You see what's in the pipeline before anyone else. Ship-to-you first, then public a few weeks later.
Hosted tier free for a year
When Runestone Cloud ships, your team is on it at no charge. No strings. No "then you pay" surprise.
Name on the launch post
If you want public credit: logo on the announcement, quote in the blog, a voice in the story. If you don't: completely off the record.

Is this for you?

● YES, IF
  • → Your agent already hits real systems — shell, prod APIs, databases, cloud.
  • → You've had "the incident," or you're engineering enough to know one is coming.
  • → Compliance (HIPAA / SOX / EU AI Act) is going to ask for an audit trail.
  • → You want to put a policy layer between your LLM and the real world and actually keep it turned on.
  • → You can give us 45 min/week for six weeks and an honest use case to observe.
○ PROBABLY NOT, IF
  • → You're evaluating agent-security vendors and want a 40-page comparison.
  • → Your agent only calls an LLM, no tools. You don't need Gatekeeper yet.
  • → You want a managed SaaS proxy that handles everything. We're local‑first.
  • → You want "AI safety" — philosophical framing, not enforcement. Look elsewhere.
  • → You don't have a concrete workload yet. Come back when you do.

How the six weeks go

  1. Week 0
    Kickoff
    30-min call. You describe your agent workload. I sketch a first-draft policy by the end of the session. You install Gatekeeper locally.
  2. Weeks 1–2
    Running in dev
    Policy gets tuned against your actual workflow. Rough edges surface — we fix them together. Your Slack channel goes live.
  3. Weeks 3–4
    Custom feature in flight
    We scope and build the one thing Gatekeeper doesn't do yet that you need. You review it. It ships to you first.
  4. Weeks 5–6
    Production
    Roll Gatekeeper out to your real agent. First audit-logged deploys. First real approval flows. We debug anything that breaks in real time.
  5. Week 6+
    You keep it
    You keep using it. We keep talking. When Runestone Cloud ships, you're on it free for a year.

Apply.

Two fields. No drop-downs. I read every one personally and reply within 48 hours — or tell you honestly that we're not a fit, fast.

Specific beats polished. The more concrete the workload and the failure mode, the faster I can tell you whether this is a fit.

Prefer email? evan@runestonelabs.io

Five slots. First reply in 48 hours. No hard sell.