EveryDev.ai
Subscribe
Home
Tools

3,107+ AI tools

  • New
  • Trending
  • Featured
  • Compare
  • Arena
Categories
  • Agents2063
  • Coding1441
  • Infrastructure665
  • Marketing524
  • Projects470
  • Research437
  • Design408
  • Analytics371
  • MCP268
  • Security265
  • Testing255
  • Data249
  • Integration183
  • Prompts183
  • Communication172
  • Learning166
  • Extensions163
  • Voice146
  • Commerce132
  • DevOps115
  • Web84
  • Finance24
AI Tools by Topic
  • AI Coding Assistants
  • Agent Frameworks
  • MCP Servers
  • AI Prompt Tools
  • Vibe Coding Tools
  • AI Design Tools
  • AI Database Tools
  • AI Website Builders
  • AI Testing Tools
  • LLM Evaluations
Follow Us
  • X / Twitter
  • LinkedIn
  • Reddit
  • Discord
  • Threads
  • Bluesky
  • Mastodon
  • YouTube
  • GitHub
  • Instagram
Get Started
  • About
  • Editorial Standards
  • Corrections & Disclosures
  • Community Guidelines
  • Advertise
  • Contact Us
  • Newsletter
  • Submit a Tool
  • Start a Discussion
  • Write A Blog
  • Share A Build
  • Terms of Service
  • Privacy Policy
Explore with AI
  • ChatGPT
  • Gemini
  • Claude
  • Grok
  • Perplexity
Agent Experience
  • llms.txt
Theme
With AI, Everyone is a Dev. EveryDev.ai © 2026
    1. Home
    2. Tools
    3. MakerChecker
    MakerChecker icon

    MakerChecker

    Autonomous Systems
    Featured

    Open-source security gateway for AI agents that enforces segregation of duties, human-in-the-loop approvals, and cryptographically signed audit logs to prevent agents from approving their own irreversible actions.

    Visit Website

    At a Glance

    Pricing
    Open Source
    Free tier available

    Self-hosted open-source release under AGPL-3.0 (server/web) and Apache-2.0 (SDKs, connectors, scan). Free to use, modify, and deploy on your own infrastructure.

    VPC-Hosted Pilot: $25000 one-time

    Engagement

    Available On

    Linux
    Web
    API
    VS Code
    SDK

    Resources

    WebsiteDocsGitHubllms.txt

    Topics

    Autonomous SystemsCompliance and GovernanceHuman-in-the-Loop Training

    Alternatives

    KYE ProtocolSapienX AgentOSRippletide
    Developer
    Mashini Investments Ltd.London, EnglandEst. 2024

    Listed Jul 2026

    About MakerChecker

    MakerChecker is a self-hosted, open-source security layer for AI agents that enforces the principle that the agent proposing an irreversible action can never be its own approver. Built by Mashini Investments Ltd., it sits outside the model as a deterministic runtime checkpoint, issuing a hard 403 denial rather than relying on prompt-level promises. The core platform is licensed AGPL-3.0 for the server and web UI, with Apache-2.0 SDKs and connectors that can be embedded freely in closed-source agents.

    What It Is

    MakerChecker is a self-hosted authorization gateway and audit system for AI agents taking high-consequence actions — moving money, changing records, placing trades, deleting data, or filing documents. It enforces three controls in code rather than policy: deny-by-default role-based access control (RBAC) over versioned "skills," structural segregation of duties so the agent that proposed an action cannot approve it, and an Ed25519-signed, SHA-256 hash-chained audit log that any auditor can verify offline with no access to the operator's systems. The project also ships mc scan, a static code scanner that reads an agent's tool definitions and flags ungoverned, catastrophic actions before they ever reach production.

    Architecture and Package Structure

    MakerChecker is organized as three independently adoptable layers that enforce the same controls and write the same signed audit format:

    • mc scan (Apache-2.0): A static CLI scanner run via npx @makerchecker/scan . that classifies every consequential action an agent can take, maps each finding to a real incident from a documented database of 41 agent incidents, and can write governance code with --fix. Runs fully offline by default; an opt-in --llm flag sends ambiguous tools to the Anthropic API.
    • @makerchecker/embedded (Apache-2.0): Importable enforcement primitives for in-process governance — define skills, roles, and grants, then wrap any tool so a denied call throws before it executes.
    • Self-hosted server (AGPL-3.0): A Fastify + Postgres gateway with a React web console, human-approval inbox, flow engine, and audit writer. Deployed via docker compose up or Kubernetes/Helm. Runs fully air-gapped with no external dependencies.

    Drop-in connectors ship for LangChain (@makerchecker/connector-langchain) and the Claude Agent SDK (@makerchecker/connector-claude-agent), with a generic TypeScript SDK and a Python SDK for CrewAI, LlamaIndex, AutoGen, and other frameworks.

    How the Segregation-of-Duties Gate Works

    The core rule is structural: the agent that prepared a case is refused as its own approver with a hard 403, enforced at the execution boundary, not in a prompt. When an agent proposes a skill call, the engine checks whether the agent is active, whether the skill is granted to its role, whether acting would violate segregation of duties, and whether the call is within the role's limits. Low- and medium-risk actions that pass run immediately and are recorded. High-risk actions stop at an approval gate where a quorum of named humans must sign — and the requester identity is blocked from being one of them. Every step, whether allowed, denied, or approved, is appended to the hash-chained audit trail in the same atomic operation as the action, so "acted but never logged it" cannot happen.

    Target Domains and Worked Use Cases

    The site positions MakerChecker as domain-agnostic but focuses initial go-to-market on regulated industries where compliance carries personal liability:

    • Life sciences & pharma: Pharmacovigilance ICSR triage (15-day expedited clock gated on a safety physician's signature), MDR device complaint reportability (30-day clock gated on a regulatory affairs officer), GMP cold-chain disposition (release or destroy gated on a named qualified person who is not the assessor), and clinical trial data-query resolution and cohort identification.
    • Finance: Payment release, trade and limit approval, ledger posting — the "four-eyes" control enforced in code and backed by an offline-verifiable log.
    • Patient access: Prior-authorization and appeals queue automation with copay/foundation enrollment gated on a named access specialist, producing a signed record for Anti-Kickback and False Claims Act compliance.

    Update: v1.2.0

    The latest release is v1.2.0, published on 2026-07-06, according to the GitHub repository. The repository was created in June 2026 and has been actively updated, with the last push on 2026-07-06. The project direction signals continued expansion of framework connectors and runnable domain examples (pharmacovigilance, MDR triage, oncology patient access, daily cash reconciliation are all present as worked examples in the repository).

    MakerChecker - 1

    Community Discussions

    Be the first to start a conversation about MakerChecker

    Share your experience with MakerChecker, ask questions, or help others learn from your insights.

    Pricing

    OPEN SOURCE

    Open Source

    Self-hosted open-source release under AGPL-3.0 (server/web) and Apache-2.0 (SDKs, connectors, scan). Free to use, modify, and deploy on your own infrastructure.

    • Self-hosted Fastify + Postgres server (AGPL-3.0)
    • React web console with approvals inbox
    • TypeScript and Python SDKs (Apache-2.0)
    • LangChain and Claude Agent SDK connectors (Apache-2.0)
    • mc scan static code scanner (Apache-2.0)

    VPC-Hosted Pilot

    A paid pilot where MakerChecker builds the agent's first governed flow, runs it inside the customer's own VPC, and delivers an inspection-ready cryptographic audit bundle.

    $25000
    one time
    • VPC-hosted deployment in customer's own cloud
    • First governed agent flow built and run by MakerChecker team
    • Inspection-ready cryptographic audit bundle
    • Synthetic or minimized data setups
    • Support for any agent framework
    View official pricing

    Capabilities

    Key Features

    • Deny-by-default role-based access control (RBAC) for AI agent tool calls
    • Structural segregation of duties: agent that proposed an action is blocked from approving it (hard 403)
    • Ed25519-signed, SHA-256 hash-chained audit log verifiable offline with no external dependencies
    • Static code scanner (mc scan) that flags ungoverned, catastrophic agent actions before production
    • Human-in-the-loop approval gates for high-risk actions
    • Versioned skill grants per agent role
    • Self-hosted deployment — data never leaves operator infrastructure
    • Air-gapped / fully offline execution mode
    • Drop-in connectors for LangChain and Claude Agent SDK
    • Generic TypeScript and Python SDKs for any agent framework
    • Offline proof verifier (npx @makerchecker/proof-verifier verify bundle.json)
    • React web console with approvals inbox and run log
    • Flow engine for multi-step workflows with embedded approval gates
    • CI/CD integration via mc-policy.json and GitHub Actions badge
    • Incident database of 41 documented agent failures mapped to scan findings

    Integrations

    LangChain
    Claude Agent SDK
    CrewAI
    LlamaIndex
    AutoGen
    Anthropic API (optional LLM scan)
    Docker / Docker Compose
    Kubernetes / Helm
    PostgreSQL
    GitHub Actions
    API Available
    View Docs

    Ratings & Reviews

    No ratings yet

    Be the first to rate MakerChecker and help others make informed decisions.

    Developer

    Mashini Investments Ltd.

    Mashini Investments Ltd. builds MakerChecker, an open-source security gateway that enforces segregation of duties and human-in-the-loop approvals for AI agents taking irreversible actions. The company focuses on regulated industries — life sciences, finance, and patient access — where compliance carries personal liability. MakerChecker's architecture is self-hosted and open-source so security teams can read every line, and its cryptographic audit trail is designed to be verified by outside auditors with no access to the operator's systems.

    Founded 2024
    London, England
    5 employees
    Read more about Mashini Investments Ltd.
    WebsiteGitHub
    1 tool in directory

    Similar Tools

    KYE Protocol icon

    KYE Protocol

    An open standard (Apache 2.0) that turns every AI-agent and automation action into signed, replayable evidence a regulator, auditor, or court can verify with public keys alone.

    SapienX AgentOS icon

    SapienX AgentOS

    AgentOS is a local-first human operating layer for running AI agents, projects, and operations from a single control surface built on the OpenClaw orchestration runtime.

    Rippletide icon

    Rippletide

    Rippletide is an AI agent decision enforcement layer that intercepts, validates, and controls every agent action before it executes using deterministic, rule-based reasoning.

    Browse all tools

    Related Topics

    Autonomous Systems

    AI agents that can perform complex tasks with minimal human guidance.

    322 tools

    Compliance and Governance

    AI-enhanced tools for ensuring regulatory compliance and project governance with automated monitoring, risk assessment, and policy enforcement across projects.

    62 tools

    Human-in-the-Loop Training

    Platforms that connect organizations with vetted human experts to annotate, label, evaluate, and align AI models, ensuring high-quality training datasets and accurate model evaluation through human judgment.

    36 tools
    Browse all topics
    Back to all toolsSuggest an edit
    ratings
    discussions