DSG

DSG ONE

ProofGate Control Plane

EU AI Act obligations are phasing in — prepare before high-risk enforcement dates

Do you know what your
AI agent is doing right now?

Other tools tell you what happened after the damage is done.
DSG ONE blocks before the action executes — with tamper-evident audit records that can be cryptographically verified.

One-line setup. Adds pre-execution controls, audit logs, and human oversight evidence mapped to EU AI Act Articles 9, 12 & 14. No changes to your existing stack.

How DSG ONE compares

A CCTV camera tells you a thief broke in  |  DSG ONE is the security guard — stops them at the door, with evidence

ToolAudit TrailBlocks Before ActingSupports Art. 14 ControlsTamper-Evident Records
LangSmith
Langfuse
DataDog / Log tools
DSG ONE

Mapped to three critical Articles

One DSG ONE connection — supports key technical controls required for high-risk AI systems under EU AI Act Articles 9, 12 & 14

Art. 9

Risk Management

Requires a continuous risk management process — identification, evaluation, mitigation, and monitoring throughout the AI lifecycle. Logging after the fact does not satisfy prevention requirements.

DSG ONE: Gates every action before execution — blocks immediately when a risk threshold is exceeded, providing a pre-execution control layer as part of a broader risk management process.

Art. 12

Record Keeping

Requires logging capabilities to enable tracing of the AI system functioning throughout its lifecycle, including events relevant to risk and post-market monitoring.

DSG ONE: Tamper-evident audit records — every action is hashed (SHA-256), cryptographically verifiable, and includes timestamp, session context, and decision rationale.

Art. 14

Human Oversight

Humans must be able to understand capabilities and limitations, monitor operation, detect automation bias, interpret output, override or reverse decisions, and interrupt or stop the system.

DSG ONE: BLOCK + approval workflow stops the agent before execution. Audit dashboard provides monitoring. Decision rationale supports interpretation. Human override is always available.

DSG ONE provides technical controls that support compliance. Full EU AI Act compliance requires a broader organizational risk management program, legal assessment, and deployment-specific review.

Art. 14 — Human Oversight Controls

Article 14 requires more than just a stop button. Humans must be able to understand, monitor, interpret, override, and stop the AI system throughout its operation. DSG ONE maps directly to each requirement.

Art. 14 RequirementDSG ONE Evidence
Human can stop action before executionBLOCK response halts agent before execution
Human can override or reverse decisionsApproval workflow — require human sign-off before allow
Human can interpret AI outputDecision rationale included in every gate response
Human can monitor operationAudit dashboard — full session and action history
Human can detect automation biasRisk threshold alerts — flag patterns before harm

Prevention ≠ Detection

Other tools — Detection

You find out your agent deleted the production database.
The data is gone. You cannot undo it.

DSG ONE — Prevention

The action is blocked before the agent executes it.
Alert sent. Evidence recorded. Zero damage.

TAMPER-EVIDENT AUDIT RECORD
action: "delete_table"
decision: BLOCK
timestamp: 2026-05-18T04:32:00Z
requestHash: sha256:8f3a2b...
recordHash: sha256:1c9d4e...
# tamper-evident — hash verifiable
# cryptographically verifiable record

One REST call. No changes to your existing stack.

Your existing agent keeps running exactly as before — DSG ONE adds a governance layer via REST API. No SDK required.

REST API (any framework)
# Works with LangChain, CrewAI, AutoGen, or any agent
import requests

headers = {"Authorization": "Bearer dsg_live_<your-api-key>"}
result = requests.post("https://your-domain/api/execute", headers=headers, json={
    "workspace_id": "ws-001",
    "provider": "openai",
    "agent_id": "agent-finance",
    "action": "send_payment"
}).json()

# ok = transport success. Check 'decision' for the gate outcome.
# BLOCK or REVIEW also return ok=True — only execute on explicit ALLOW.
if result.get("ok") and result.get("decision") == "ALLOW":
    execute_action()       # gate returned ALLOW
elif result.get("decision") == "REVIEW":
    route_to_human()       # gate requires human oversight before proceeding
else:
    log_blocked(result)    # gate returned BLOCK — do NOT execute
OpenAI Agents SDK
import requests

HEADERS = {"Authorization": "Bearer dsg_live_<your-api-key>"}

def gate(workspace_id: str, agent_id: str, action: str) -> bool:
    r = requests.post("/api/execute", headers=HEADERS, json={
        "workspace_id": workspace_id,
        "provider": "openai",
        "agent_id": agent_id,
        "action": action,
    }).json()
    # Check 'decision' == 'ALLOW' — BLOCK/REVIEW also return ok=True
    return r.get("ok", False) and r.get("decision") == "ALLOW"

# Before every tool call:
if gate(ws_id, agent_id, tool_call.name):
    tool_call.execute()
# else: gate returned BLOCK or REVIEW — do NOT proceed
JavaScript / TypeScript
async function gate(workspaceId: string, agentId: string, action: string) {
  const r = await fetch("/api/execute", {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "Authorization": `Bearer ${process.env.DSG_API_KEY}`,
    },
    body: JSON.stringify({ workspace_id: workspaceId, provider: "openai", agent_id: agentId, action }),
  });
  const data = await r.json();
  // Check 'decision' — BLOCK/REVIEW return ok:true but decision !== 'ALLOW'
  return data.ok === true && data.decision === 'ALLOW';
}

// Before every agent action — only execute if gate explicitly allows:
if (await gate(workspaceId, agentId, action)) execute();

Who needs DSG ONE

🏦

Fintech & Banks

AI agents handling transactions must have audit trails and block unauthorized actions per financial regulators.

📋

SOC 2 / ISO 42001 Audits

Auditors require evidence that your AI is controlled and monitored. DSG ONE generates the evidence package automatically.

🌐

Any Company with GDPR / PDPA

AI agents that touch personal data must log who accessed what, when, and why — and be able to prove it.

Add controls in 5 minutes

Our team will help you set up pre-execution blocking, audit records,
and human oversight controls mapped to EU AI Act Articles 9, 12, and 14.

No credit card · 5-minute setup · No changes to your existing stack

Hermes Control