Vienna OS is an enterprise governance platform for autonomous AI agents. It sits between agent intent and execution, providing policy enforcement, approval workflows, and audit trails.

How does risk tiering work?

Vienna OS classifies actions into T0 (auto-approved), T1 (heuristic log), T2 (human gate), and T3 (strict halt requiring multi-sig) based on risk assessment policies you define.

Is Vienna OS compliant with regulations?

Yes, Vienna OS supports SOC 2, HIPAA, SEC, and EU AI Act compliance with appropriate policy configuration and audit trail retention.

Execution Model

Two Paths toExecution

Vienna OS supports both direct execution and agent passback modes, giving you operational flexibility while maintaining complete governance and audit trails.

Try Interactive Demo View Code Examples

Choose Your Execution Mode

Vienna OS automatically routes actions based on risk tier, or you can explicitly choose your execution mode.

Vienna Direct

Vienna executes the action

Vienna OS executes actions directly through its built-in handlers. Perfect for low-risk operations that need immediate execution with minimal latency. Full audit trails and constraint enforcement included.

Built-in execution handlers

Shell commands, HTTP calls, database queries

Immediate execution

No agent round-trip latency

Complete audit trail

Every action logged and verifiable

Constraint enforcement

Scope and time limits enforced automatically

Risk Tiers

T0T1Auto-approved execution

Agent Passback

Agent executes with warrant

Vienna issues a cryptographic execution warrant that the agent uses to execute actions through its own infrastructure. Ideal for high-risk operations or when using specialized agent integrations.

Cryptographic warrants

HMAC-signed, tamper-evident authorization

Multi-party approval

T2/T3 actions require operator approval

Agent infrastructure

Use existing tools and integrations

Post-execution verification

Vienna verifies warrant compliance

Risk Tiers

T2T3Multi-party approval required

Execution Pipeline

Every agent action flows through the same governance pipeline, regardless of execution mode.

Intent

Agent submits action request

Policy

Rules engine evaluates

Risk Tier

T0/T1/T2/T3 classification

Approval

Multi-party if T2/T3

Warrant

Cryptographic authorization

Execute

Vienna or Agent

Verify

Post-execution audit

Execution Decision Point

Vienna automatically routes based on risk tier

Vienna Direct

T0/T1 → Immediate execution

Vienna executes via built-in handlers

Agent Passback

T2/T3 → Warrant + Agent execution

Agent executes with warrant proof

SDK Integration

Simple API integration works with any agent framework. 5 lines of code to add governance to your agents.

Vienna Direct Mode

Low-risk actions execute immediately

// Submit intent for direct execution
const response = await vienna.submit({
  action: "restart_service",
  target: "api-gateway", 
  agent_id: "production-agent"
});

if (response.mode === "direct") {
  // Vienna executed immediately
  console.log("Execution:", response.execution_id);
  console.log("Status:", response.status);
}

Agent Passback Mode

High-risk actions return warrants

// Submit intent, receive warrant
const response = await vienna.submit({
  action: "deploy_production",
  version: "v2.3.1",
  agent_id: "deploy-agent"
});

if (response.mode === "passback") {
  // Execute with warrant authorization
  await agent.execute(response.instruction, {
    warrant: response.warrant_id,
    constraints: response.constraints
  });
}

Installation & Setup

Install SDK

npm install @vienna/sdk

# or
pip install vienna-sdk
# or  
go get github.com/vienna/sdk-go

Configure Client

import { Vienna } from '@vienna/sdk';

const vienna = new Vienna({
  apiKey: process.env.VIENNA_API_KEY,
  endpoint: 'https://api.regulator.ai'
});

Why Dual Execution Matters

Get the best of both worlds: operational flexibility with complete governance.

Zero Trust Architecture

Every action requires cryptographic authorization, regardless of execution mode. No exceptions, no backdoors.

Operational Flexibility

Use Vienna's handlers for speed or agent infrastructure for complex integrations. Choose what works best.

Complete Audit Trail

Immutable record of every intent, approval, warrant, and execution result. Regulator-ready from day one.

Risk-Based Routing

Automatic classification and routing based on action risk. T0 auto-approves, T3 requires justification.

Constraint Enforcement

Scope, timing, and parameter constraints enforced cryptographically. Violations are impossible.

Multi-Party Approvals

High-risk actions require multiple operator signatures. Compliance-ready approval workflows.

Ready to govern your AI agents?

Start with our free tier. No credit card required. Add execution governance to your agents in under 5 minutes.

Start Free Trial Try Interactive Demo Contact Sales →