Signed eligibility claims
Verified facts — US-person status, citizenship, residency, org, screening result, assurance level — represented as signed, time-bounded claims from a trusted issuer.
Redline by ControlStackAI
Export-control guardrails for AI agents.
Redline classifies, gates, and audits agent actions around controlled technical data, so aerospace and defense teams can use private agents without pretending export-control risk is a policy PDF someone read once.
Redline in 75 seconds — classify, gate, verify the actor, and audit every agent action.
Classify
Detect USML/EAR-sensitive spans with deterministic rules plus approved-model hooks.
Gate
Allow, redact, block, or escalate before a tool call or model output crosses a boundary.
Audit
Write hash-chained decision metadata without storing raw controlled content.
Deploy
Run as a local sidecar inside your infrastructure and connect to agent runtimes.
Why now
The model layer is becoming a regulated utility. The control layer becomes the product.
Frontier-model access, deployment location, user nationality, and downstream data handling are no longer abstract governance topics. They are operational constraints. The winning stack is model-agnostic, private, auditable, and built around the regulated workflows teams already have.
Redline starts with the highest-pressure wedge: AI agents touching controlled technical data in aerospace and defense workflows.
Runtime decision
Input: agent event, actor, destination, model, tool params
Policy: US-person status, destination zone, controlled categories, rule priority
Output: allow, redact, block, or require export-control review
Is the actor eligible?
A model provider can't tell who you are. That's the missing layer.
Export controls now reach the model itself — and a provider has no native way to know whether the person on the other end is a US person, an eligible licensed user, or operating from an allowed jurisdiction. By default they don't know. Eligibility has to be verified, attested, and enforced at runtime.
Redline adds an eligibility attestation layer that answers the questions a guardrail actually needs before it lets an action through:
- →Who is the actor, and are they a US person / eligible / licensed user?
- →What jurisdiction are they operating from this session?
- →Which org and project are they acting under, with what need-to-know?
- →What proof was relied on, when does it expire, and which policy version allowed it?
Eligibility decision path
No verified claim → block or require verification
US person, internal destination → allow if policy permits
Non-US person + controlled data → block or escalate as deemed-export risk
Unexpected geography / session risk → require re-auth or escalation
Claim expired or issuer untrusted → fail closed
Runtime enforcement
Redline evaluates the eligibility claim alongside content and destination on every gated action — not once at signup, but each time a boundary is crossed.
Provider-consumable tokens
Providers can verify a signed eligibility token instead of running all compliance logic themselves, then log model access against it — evidence that access was gated by verified identity.
Citizenship and US-person status are legal compliance concepts. Redline supports verified claims and policy enforcement; it does not make legal eligibility or jurisdiction determinations on its own. Export-control eligibility can also depend on location, employer, end use, end user, sanctions status, and license exceptions.
Built for agent runtimes
A guardrail that sits in the path, not in a slide deck.
Before tool calls
Gate email, messaging, shell, web, write, fetch, and other egress-capable actions before they execute.
Before model egress
Inspect content leaving an approved boundary, including deemed-export scenarios for non-US-person users or agents.
After decisions
Preserve policy version, categories, rationale, action, hashes, and chain proofs for later review.
Design partners
For teams deploying agents into controlled engineering workflows.
We are looking for aerospace, defense, robotics, and regulated engineering teams that need private agents, export-control enforcement, and credible audit evidence.
Redline supports export-control compliance programs. It is not legal advice, a jurisdiction determination, or a substitute for review by an empowered official or export-control counsel.