AI Agent Governance Platform
Deploy autonomous agents with built-in safety, observability, and control.
AI agents are powerful. They're also unpredictable.
Teams deploying agents in production face the Trust Gap: the distance between what an agent can do and what you're confident letting it do unsupervised.
Without governance, you're flying blind:
- No visibility into what agents are doing
- No safety rails before dangerous actions
- No audit trail when things go wrong
- No way to require human approval for sensitive operations
Cordum is a control plane for AI agents that closes the Trust Gap.
┌─────────────────────────────────────────────────────────────────┐
│ Cordum │
│ │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────────┐ │
│ │ API │──▶│ Scheduler│──▶│ Safety │──▶│ Worker Pools │ │
│ │ Gateway │ │ │ │ Kernel │ │ │ │
│ └──────────┘ └──────────┘ └──────────┘ └──────────────┘ │
│ │ │ │ │ │
│ ▼ ▼ ▼ ▼ │
│ [Dashboard] [Workflows] [Policies] [Your Agents] │
└─────────────────────────────────────────────────────────────────┘
What Cordum does:
- Safety Kernel — Policy checks (allow/deny/throttle/human-approve) before any job runs
- Workflow Engine — Orchestrate multi-step agent workflows with retries, approvals, and timeouts
- Job Routing — Distribute work across agent pools with capability-based routing
- Observability — Full audit trail, traces, and real-time dashboard
- Human-in-the-Loop — Require approval for sensitive operations
Prerequisites: Docker, Docker Compose
# Clone the repo
git clone https://github.com/cordum-io/cordum.git
cd cordum
# Start everything
docker compose up -d
# Open dashboard
open http://localhost:8082Run the smoke test:
./tools/scripts/platform_smoke.shThat's it. You have a running Cordum instance with API, scheduler, safety kernel, and dashboard.
Cordum uses CAP (Cordum Agent Protocol) for all agent communication:
- Submit — Client submits a job via API
- Safety Check — Scheduler asks Safety Kernel: allow, deny, throttle, or require approval?
- Dispatch — Approved jobs route to the right worker pool via NATS
- Execute — Your agent runs the job (using MCP, LangChain, whatever)
- Result — Agent returns result; Cordum updates state and notifies client
Client ──▶ API ──▶ Scheduler ──▶ Safety Kernel ──▶ NATS ──▶ Agent Pool
│ │
▼ ▼
[Redis State] [Your Agents]
Key design choices:
- Payloads stay off the bus —
context_ptrandresult_ptrreference Redis/S3, keeping the message bus lean - Protocol-first — CAP is an independent spec; Cordum is the reference implementation
- Workers are external — Cordum is the control plane; your agents run wherever you want
| Feature | Description |
|---|---|
| Safety Policies | Define rules for what agents can/can't do. Enforce before execution. |
| Human Approval | Flag sensitive jobs for manual review before they run. |
| Workflows | Multi-step DAGs with fan-out, retries, delays, and conditions. |
| Pool Routing | Route jobs by capability, region, or custom tags. |
| Heartbeats | Know which agents are alive, their capacity, and load. |
| Audit Trail | Every job, decision, and result logged and queryable. |
| Dashboard | Real-time UI for workflows, jobs, approvals, and policies. |
| Multi-tenant | API keys with RBAC for teams and environments. |
cordum/
├── cmd/ # Service entrypoints
│ ├── cordum-api/ # API gateway (HTTP/WS + gRPC)
│ ├── cordum-scheduler/ # Job routing + safety + state
│ └── cordum-context/ # Optional context/memory service
├── core/ # Shared libraries
│ ├── safety/ # Safety kernel implementation
│ ├── workflow/ # Workflow engine
│ ├── scheduler/ # Scheduler logic
│ └── protocol/ # CAP type aliases + API protos
├── dashboard/ # React UI
├── sdk/ # Go SDK + worker runtime
├── deploy/k8s/ # Kubernetes manifests
└── docs/ # Documentation
| Doc | Description |
|---|---|
| System Overview | Architecture and data flow |
| Core Reference | Deep technical details |
| Docker Guide | Running with Compose |
| Agent Protocol | CAP bus + pointer semantics |
| Pack Format | How to package agent capabilities |
| Local E2E | Full local walkthrough |
Cordum implements CAP (Cordum Agent Protocol) — an open protocol for distributed AI agent orchestration.
CAP vs MCP:
- MCP = tool-calling protocol for a single model
- CAP = job protocol for distributed agent clusters
They're complementary. Use CAP for orchestration, MCP inside your agents for tools.
Read more: MCP vs CAP: Why Your AI Agents Need Both Protocols
The Go SDK makes it easy to build CAP-compatible workers:
import "github.com/cordum-io/cordum/sdk/runtime"
func main() {
worker := runtime.NewWorker("my-agent", "job.my-pool")
worker.Handle(func(ctx context.Context, job *runtime.Job) (*runtime.Result, error) {
// Your agent logic here
return &runtime.Result{Status: runtime.Succeeded}, nil
})
worker.Run()
}SDKs: Go (stable) | Python (coming soon) | Node (coming soon)
- Discord: Join the conversation
- GitHub Discussions: Ask questions
- Twitter/X: @coraboratedai
- Email: admin@cordum.io
Cordum Enterprise adds:
- SSO/SAML integration
- Advanced RBAC
- SIEM export
- Priority support
Contact us for pricing.
We welcome contributions! See CONTRIBUTING.md for guidelines.
Licensed under Business Source License 1.1 (BUSL-1.1).
Free for self-hosted and internal use. Not permitted for competing hosted/managed offerings. See LICENSE for details and Change Date.
Ready to govern your AI agents?
cordum.io · CAP Protocol · Discord
⭐ Star this repo if Cordum helps you deploy agents safely