No agent acts without a human sign-off.
The foundational rule of Cluster1 is simple: no AI agent executes a mission that a human has not reviewed and approved. This is not a UI feature or a configurable setting: it is enforced at the infrastructure layer through Clutch, our agent operations hub.
Every mission begins with structured goal definition and success criteria, reviewed by an operator before a single agent takes action. The system is designed so that bypassing this gate requires deliberate architectural modification, not just changing a flag.
This commitment is not about distrust of AI. It is about building infrastructure that organisations can actually defend: to auditors, regulators, boards, and the people affected by the decisions these systems support.
Everything that ran left a record.
Every agent action in Cluster1 is logged to an immutable audit trail. Logs include: which agent acted, under what mission, at what time, with what inputs, and what the output was, alongside an evidence score between 0 and 100 generated by our scoring engine.
This means accountability is not retrospective. You do not reconstruct what happened after the fact. You have a cryptographically sound record of exactly what ran, available in real time.
We align this commitment to ISO 42001's requirements for AI management systems traceability and to NIST AI Risk Management Framework (AI RMF) principle of explainability. Cluster1 is not a black box. It is a system you can put in front of an auditor.
Agents cannot exceed what they were built to do.
Each of the seven ClawOps agents (Orchestrator, Architect, Developer, Security, Intelligence, Scraper, and Analyst) has a strictly defined role and a defined authority boundary. Semantic scope enforcement means an agent cannot take actions outside its designated function, regardless of what an LLM might generate.
This is the practical implementation of the AI safety principle that systems should operate within sanctioned limits. Role isolation reduces blast radius. An agent that cannot exceed its scope cannot be jailbroken into doing something it was never designed to do.
Data leaves your perimeter clean. If it cannot, it does not leave.
Every outbound LLM call from a ClawOps agent passes through the Privacy Proxy before reaching any model endpoint. The proxy strips personally identifiable information, credentials, API keys, JWTs, and custom-configured sensitive patterns using named entity recognition and rule-based matching.
The model never sees raw operational data. This is not anonymisation after the fact: it is a structural pre-processing gate that cannot be bypassed by agent logic.
This approach aligns with PIPEDA's privacy-by-design principles and with ISO 27001's data minimisation requirements. It also makes Cluster1 viable in sectors like healthcare, legal, and financial services, where raw data cannot leave the organisation's control perimeter.
Securing against threats that are already in motion.
Cluster1's lvls vault uses ML-KEM-768 (NIST FIPS 203) for all credential encryption. This is not a forward-looking roadmap item. It is live infrastructure, deployed today.
The rationale is straightforward: nation-state adversaries and sophisticated criminal organisations are already archiving encrypted traffic using a strategy known as harvest now, decrypt later. When sufficiently powerful quantum computers become available, that archived data becomes readable. Credentials and secrets encrypted today with classical asymmetric algorithms have a finite horizon.
We shipped post-quantum security because the threat is active now, not because it is on the horizon.
AI governance as an operational discipline.
ISO 42001 is the international standard for AI Management Systems. It establishes requirements for responsible development, deployment, and monitoring of AI. Tech Automation Services has designed Cluster1's architecture to be ISO 42001 ready from the ground up, not as a compliance exercise, but as an operational discipline.
Key ISO 42001 elements present in Cluster1: → Defined AI system objectives and success criteria (Clutch mission scoping) → Human oversight and approval gates (Clutch review workflow) → Incident logging and traceability (immutable audit trail) → Risk identification through continuous monitoring (4Context security pane) → Agent scope enforcement (ClawOps role isolation)
We pursue ISO 42001 certification. We do not currently claim it.
Information security management, structurally enforced.
ISO 27001 defines requirements for an Information Security Management System (ISMS). Every major security control in Cluster1 maps to a specific ISO 27001 annex control: access control, cryptography, operations security, logging, and incident management.
The architecture enforces these controls structurally. There is no configuration path that removes encryption, disables logging, or opens administrative surfaces to the public internet. Compliance is baked in, not bolted on.
We pursue ISO 27001 certification. We do not currently claim it.
We say what we do and do what we say.
We do not claim certifications we do not hold. We do not describe capabilities we have not built. Where features are in development, we say so. Where standards alignment is aspirational, we say that too.
The pages on this site (platform, security, responsible AI) describe what Cluster1 is today. If something changes, we update the documentation. Founding partners receive direct communication before any significant architectural or policy change.