LAUNCHZERO

ZERO-TRUST.
LOCAL-FIRST.
AGENT-READY.

Your AI Agent: Empowered, Governed, & Auditable.

LaunchZero is a local-first, zero-trust execution gateway that sits between your AI agent and your machine. Every action is verified, policy-gated, approvable, and auditable before it touches your system.

Give an AI agent real capabilities, with guardrails you control and can inspect. Gate in the moment; verify after the fact.

Explore LaunchZero

Security, Enforced on Every Action.

Per-tool policy engine Allow, Require Approval, or Deny on every single tool call - default deny.
Human-in-the-loop approvals Real-time approval cards pause sensitive calls; write operations are gated before they execute.
Zero-trust capability tokens Cryptographically scoped, time-limited grants for one action - never blanket access.
Canonical action hashing Binds the approved action to what actually runs, defeating prompt-injection action swaps.
Full audit trail Every call, approval, denial, and execution recorded with its provenance.

See LaunchZero in Action

How LaunchZero Works.

Three isolated trust domains, one policy you can read.

Control plane

GatewayServer

Decides every call. The policy engine and approvals pipeline live here - it issues verdicts, never actions.
Execution plane

Executor

Acts only on a decision already made, under a scoped token, and only after re-checking the action hash.
Trust plane

HostIntegrity

Continuously scores host and gateway integrity and watches for tamper signals.

The path of every action: agent → authenticated MCP bridge → policy decision → human approval when required → execution under a scoped, hash-verified token → recorded to the audit trail. Local-first on Windows, macOS, and Linux.