Question 1

What is MandateOS?

Accepted Answer

MandateOS is an AI agent guardrails system for teams using Codex, Cursor, Claude Code, OpenClaw, and MCP-based workflows. It evaluates tool scope, budgets, approvals, and receipt requirements before sensitive actions continue.

Question 2

What do I see after install?

Accepted Answer

After install, teams see local host config for the selected repo, a status command for the installer, and a concrete runtime path for risky actions. Depending on the host, that includes files such as .codex/config.toml, .codex/hooks.json, Cursor hooks, or Claude workspace settings.

Question 3

Is MandateOS open source?

Accepted Answer

The developer-facing trust layer is open source: the SDK, MCP server, installer CLIs, starter policy bundles, docs, and homepage live in the public repo. The managed control plane handles shared approvals, workspace operations, retained audit history, and operator administration.

Question 4

Do I need the managed control plane?

Accepted Answer

No. The public packages and installers can be used on their own when you want local host integration and runtime checks. Teams add the managed control plane when they want shared approvals, workspace administration, retained evidence, and operator review across repos.

Question 5

What happens if MandateOS cannot reach the runtime?

Accepted Answer

MandateOS does not silently waive guardrails. For live guarded actions, the host surfaces a MandateOS failure or blocks the action until the runtime is available again. A few local paths, such as read-only shell commands and MandateOS self-calls, can still short-circuit locally without calling the runtime.

Question 6

How is this different from system prompts?

Accepted Answer

System prompts tell the agent what it should do. MandateOS evaluates what the agent actually requested before the sensitive tool runs, then keeps receipts, approval events, and audit evidence behind the outcome.

Question 7

Which integrations are available today?

Accepted Answer

Today MandateOS provides integrations for Codex, Cursor, Claude Code, OpenClaw, and managed MCP flows. GitHub-side enforcement is planned next, but is not presented as fully available today.

Question 8

Where should a team start?

Accepted Answer

Start with one host and one concrete workflow, usually a risky shell action or repo write path. Install the matching public package locally first, then connect that setup to the managed control plane when you want shared approvals, workspace operations, and retained evidence.

Security claims should end in artifacts operators can review.

Mandates, receipts, and grants are signed when they are created

Sensitive tokens are encrypted before storage

API keys are stored as hashes, not raw secrets

Audit events are chained so later modification is visible

Inter-service requests are signed and scoped

Evidence is organized for approval and later review