General Orchestrator Production Ready

Any AI Agent.
Any Domain.
Governed.

The General Orchestrator is the runtime layer that makes AI agents safe to deploy in production. PII scrubbing, business rule enforcement, token-level telemetry, and an immutable audit trail, enforced before any agent output reaches your users.

Schedule a Demo See the Pipeline
The Problem

Agents act. Nobody's watching.

Most AI agent deployments have no governance layer. Agents respond, commit, and escalate, and there is no systematic record of what they said, why, or whether any of it should have been allowed.

PII in agent responses

Critical

Agents trained on customer data routinely surface SSNs, credit card numbers, and email addresses in their outputs. Without active scrubbing, this reaches end users.

No audit trail

Critical

When something goes wrong, there is no evidence trail. You cannot reconstruct what the agent was given, what it returned, or what governance rule should have fired.

Unauthorized commitments

High

Agents making statements like "we guarantee a full refund" or "your claim is approved" create legal liability with no human ever having reviewed the output.

No business rule enforcement

High

Domain-specific constraints, coverage limits, regulatory thresholds, policy terms, exist nowhere in the agent stack. The agent simply does not know what it is not allowed to say.

The Pipeline

Every request. Every response. Governed.

The General Orchestrator intercepts every agent interaction at each stage of the pipeline. Nothing passes through ungoverned.

01 API v2

Document / Request

Any input from any domain

02 Axis

PII Scrub

SSN, cards, email, API keys removed before any agent sees the input

03 Axis + MCP Agents

Agent Execution

3 governance tiers: Opaque, Cooperative, Verified

04 Axis + Koda

Governance Intercept

Business rules, Drools, human-approval gate

05 Codex

Immutable Record

SHA-256 hash chain, S3 Object Lock, 7-year retention

Governance Tiers

Not all agents cooperate equally.

The General Orchestrator grades every agent by how much visibility it provides. Governance is enforced regardless, but the depth of telemetry and enforcement scales with the tier.

TIER 1

Opaque

Agents you do not control. Third-party or black-box models.

Envelope-level oversight only.

  • Total token count
  • Pass / Block decision
  • PII scan result

No cooperative telemetry. Governance still fires.

TIER 2

Cooperative

Most Common

Agents that share telemetry. Your agents, or vetted MCP partners.

Full governance + cost accounting.

  • Provider + model name
  • Input tokens / output tokens
  • Estimated cost per call
  • Duration and latency
  • Confidence score

Full cooperative telemetry. Chargeback-ready.

TIER 3

Verified

Maximum enforcement. PII scan is mandatory on every input.

Blocks before output leaves your stack.

  • All TIER 1 telemetry
  • PII scan findings (named)
  • Governance interceptor chain trace

Input never reaches agent if PII is detected.

Manifest-Driven

Different domain.
Swap a JSON file.

Every pipeline is defined by a manifest template. The manifest specifies which agents run, in what order, under what budget, and with what governance tier. Changing domains means swapping a template, no code changes, no redeployment.

  • Agent sequence and dependencies defined declaratively
  • Budget limits: max tokens, max cost, max steps, max time
  • Per-agent governance tier assignment
  • Tenant-scoped, each client gets their own template set
compliance-review-v1.json 
{
  "templateId": "compliance-review-v1",
  "name": "Compliance Review Pipeline",
  "description": "PII scan + policy review",

  "agents": [
    {
      "stepId": "PII_SCAN",
      "agentUrn": "urn:novus:pii-scanner-v1",
      "tier": "TIER_3",
      "required": true
    },
    {
      "stepId": "COMPLIANCE_CHECK",
      "agentUrn": "urn:novus:compliance-review-v1",
      "tier": "TIER_2",
      "dependsOn": ["PII_SCAN"]
    }
  ],

  "budget": {
    "maxTokens": 50000,
    "maxCostUsd": 2.00,
    "maxSteps": 10,
    "maxDurationMs": 30000
  }
}
Glass Box Dashboard

Every decision. Visible. Traceable.

The Glass Box Dashboard surfaces the full orchestration trace for every run -- execution timeline, governance findings, per-step LLM telemetry, and the complete audit trail. Nothing is hidden.

General Orchestrator Glass Box Dashboard showing a PARKED orchestration with PII detection, execution timeline, Governance Details panel, per-step LLM usage table, and Audit Trail

Execution Status

PARKED, COMPLETED, IN_PROGRESS, with parked reason shown inline

Governance Findings

Amber alerts for every PII detection, policy violation, or business rule trigger

Per-Step Telemetry

Input tokens, output tokens, estimated cost per agent call, broken out by step

Multi-Tenant + White Label

One platform.
Many clients.

The General Orchestrator is built for resellers, system integrators, and platforms that govern AI on behalf of their clients. Tenant isolation is enforced at every layer, no cross-tenant data leakage by design.

X-Tenant-ID routing

Every request carries a tenant header. Rule packs, manifests, budgets, and audit records are scoped per tenant.

Per-tenant rule packs

Each client can have custom business rules on top of the universal governance layer. Drools rule files are loaded per tenant at runtime.

White-label branding

The dashboard, reports, and email notifications carry your brand, not ours. Novus Forge runs behind the scenes.

X-Tenant-ID

Isolation header on every request

Row-Level

Security enforced in the data layer

Per-Tenant

Rule packs, manifests, and budgets

White Label

Dashboard, reports, and notifications

Domain Agnostic

The platform is general.
The domain is yours.

The General Orchestrator has no opinion about what your agents do. It only governs how they do it. The reference implementation uses insurance, because insurance has public domain regulatory data we can demonstrate freely. The platform itself is domain-agnostic by design.

Insurance

Live POC

ACORD/SERFF regulatory filing analysis. OWL ontology extraction and validation. Human-in-the-loop axiom approval. Drools business-constraint enforcement.

  • Homeowners policy analysis
  • SERFF filing compliance
  • Coverage limit validation

Healthcare

Roadmap

PHI detection and scrubbing. Clinical workflow governance. Prior authorization document processing. HIPAA-compliant audit trail.

  • Prior auth processing
  • Clinical note analysis
  • PHI boundary enforcement

Legal

Roadmap

Privilege detection in document review. Contract compliance analysis. Unauthorized legal commitment detection. Chain-of-custody audit for discovery.

  • Contract review
  • Privilege scanning
  • Commitment language detection

Financial Services

Roadmap

Trade instruction governance. Regulatory threshold enforcement. Unauthorized promise and guarantee detection. SEC/FINRA-ready audit trail.

  • Trade instruction review
  • Guarantee language flagging
  • Regulatory reporting
Get Started

Start with a demo.
We will show it on your domain.

Bring your domain, your agents, and your compliance requirements. We will walk through the full governance pipeline live, PII scrubbing, business rule enforcement, telemetry, and the audit trail.

Schedule a Demo Run a Shadow Mode Audit First