Doorway before action

ZLAR is where AI action becomes answerable.

ZLAR keeps humans in the loop when AI starts doing real things. Before AI changes files, calls tools, moves data, or starts workflows, ZLAR checks the rule, asks a person when needed, and records what counted as authorized effect.

Contact ZLAR See a sample receipt Read the boundaries
Before it acts
AI wants to act

Change a file. Call a tool. Move data.

->
ZLAR
doorway
->
Real thing happens

Allowed, blocked, or approved by a person.

The problem

AI is starting to do real things.

It can change files. It can call tools. It can move data. It can run commands. It can start workflows. It can affect people.

That means the hard question is no longer only what the AI said. The hard question is what the AI is about to do.

A fast no can be real. A fast yes can be dangerous.

The doorway

The rule comes before the action.

Before AI does something real, ZLAR checks the rule. The AI does not get to make up its own rule.

The rule says: this is allowed, this is blocked, or this needs a person to say yes. If a person needs to decide, ZLAR asks them outside the AI's runtime.

routed action decision
rulesigned human-authored rule
outcomeallowed | blocked | ask a person
personnamed approver when needed
proofaudit record + receipt
Who needs the doorway

Different teams. Same need.

Serious institutions want AI to help. They also need to know which actions are allowed, which are blocked, which need a person, and what proof is left after the action.

Enterprise

Put rules before action

For teams putting AI near files, tools, systems, and workflows.
Government

Make public actions traceable

For agencies that need records when AI touches services or data.
Financial Services

Go beyond login

For banks asking what authenticated AI is allowed to do.
Healthcare

Protect care workflows

For records and administrative surfaces where actions affect people.
Defense / Military

Keep command at the door

For controlled routed surfaces where command must stay visible.
Proof

A receipt is not a log.

A log records what happened. A ZLAR receipt records what counted as authorized effect at the moment action tried to become consequence.

The public sample is fake/scratch evidence. It is deliberately bounded. It is there so a first visitor can inspect the shape of proof before trusting the story.

See a sample receipt Read the Open Memo

AI can move. Humans remain present. Actions become answerable.

Scope

ZLAR only governs actions that pass through it.

This matters. ZLAR is not a magic claim about every AI action everywhere. It governs routed or intercepted action surfaces.

Short boundary

  • ZLAR governs routed/intercepted action surfaces only.
  • Safe Codex wording: "ZLAR can govern Codex CLI-invoked MCP tool calls when those MCP servers are routed through ZLAR."
  • Unrouted shell/filesystem/browser/app/network/model-reasoning/final-text surfaces are not claimed as governed by this proof path.
  • /contest is not implemented.
  • A private-by-default non-Vincent verifier request has been sent; no completed attestation has been received, and any result must be bounded by verifier relationship, disclosure permission, and exact evidence returned.
Conversation

Bring one real action.

Start with the practical question: what should AI be allowed to do, what should be blocked, and when should a real person say yes?

Contact ZLAR Read the Founder Note