AI Governance Platform — Monitor your agents. Detect threats. Track costs. Build workflows.
Quick Start · Features · Website · Full Install Guide · API Docs
I was running AI agents via OpenClaw — building automations, managing infrastructure, doing real work. And things kept going wrong.
My agent leaked API credentials five times. Not because I forgot to set rules — I made it rule number one, in bold, in the system prompt, in the soul file, everywhere I could put it. Didn't matter. Passwords, API keys, tokens — they kept showing up in chat logs and channel messages. I had an agent with access to a database containing thousands of people's personal records and payment details. One leaked credential and all of that is exposed.
Then my agent burned through $20 of API credits in thirty minutes using a model I explicitly told her not to use. I had no alert, no spending cap, no visibility — I found out after the money was gone. Another time, she started modifying config files I told her not to touch. I told her to stop. She didn't stop. She broke the environment. I spent two hours fixing what took her thirty seconds to destroy.
I went looking for tools to solve this. What I found: enterprise platforms at $50,000/year with per-seat pricing, developer tracing tools that show you what happened but can't stop anything, and observability dashboards that are read-only — you watch the fire, but nobody hands you the extinguisher.
So I built Arkon. A kill switch I can hit the moment an agent goes rogue. Threat detection that catches credential leaks before they leave the dashboard. Cost tracking that alerts me before the bill spirals. Workflow automation that responds to incidents without waiting for me to notice. Everything I needed, in one place, at a price that doesn't require a Fortune 500 budget.
I'm not the only one with this problem. If you're running AI agents in production — for yourself, for clients, for your team — you've felt some version of this. Arkon is the tool I wish existed when I started.
The Arkon dashboard — real-time governance, threat detection, and cost control for your entire AI operation.
Every message your agents send and receive is scanned for three classes of threats:
- Credential leaks — API keys, passwords, bearer tokens, private keys, AWS credentials
- Prompt injection — jailbreak attempts, instruction overrides, persona hijacking
- Dangerous commands — destructive shell commands, reverse shells, unauthorized network access
Threats are scored by severity (low — critical), surfaced instantly, and can trigger automated responses via workflows. This isn't after-the-fact logging — it's real-time interception.
When your agent is going off the rails, you need a big red button — not an API call buried in documentation.
- Floating kill button — pulsing red FAB on every page, always one click away
- Per-agent emergency stop — pause, resume, or kill individual agents
- Nuclear gateway stop — stop the entire OpenClaw gateway service via SSH (
openclaw gateway stoporsystemctl stopfallback), with auto-restart verification - Keyboard shortcut —
Ctrl+Shift+Kto open the quick-kill dialog from anywhere - Kill verification — 4-phase modal confirms your agent is actually dead (Confirm → Killing → Verifying → Confirmed Dead)
- Full audit trail — every kill logged with who, what, when, and why
- WS-RPC adapter — native protocol support for OpenClaw gateways (
sessions.abortper session)
Track spending across every agent, every model, every provider — in real time.
- Daily burn rate with projected monthly spend
- Per-agent and per-model breakdown — see exactly which agent is costing what
- Budget limits — set daily and monthly caps per tenant
- Cost anomaly alerts — get notified when spending deviates from baseline
- Multi-provider support — Anthropic, OpenAI, NVIDIA Nemotron, Ollama, and more
A visual workflow builder with drag-and-drop nodes. No code required.
- Cron triggers — run on a schedule (health checks every 5 minutes, daily cost reports)
- Event triggers — respond to threats, anomalies, or budget alerts automatically
- Webhook triggers — integrate with any external system
- Built-in actions — HTTP requests, conditional logic, notifications, agent commands
- Templates — pre-built workflows for common scenarios (threat auto-response, health sweeps, budget alerts)
No other tool in this category has a workflow builder. Not LangSmith. Not Langfuse. Not Helicone. Not Portkey. This is unique to Arkon.
| Feature | What It Does |
|---|---|
| Anomaly Detection | Rolling 7-day baselines per agent. Alerts on rate spikes and unexpected silence. |
| Approval Workflows | Human-in-the-loop for sensitive agent operations. Queue, review, approve/reject. |
| MCP Gateway Proxy | Register, proxy, and log traffic to MCP servers. Per-server auth and rate limiting. |
| Multi-Tenant | Manage multiple clients from one instance. Per-tenant budgets, agents, and data isolation. |
| Trace Explorer | Distributed tracing with recursive span trees. LLM, Tool, Retrieval, Chain, and Agent span types. |
| Incident Management | P1-P4 severity, 6 lifecycle states, SLA tracking (1h/4h/24h/72h), timeline with comments. |
| Audit Log | Complete event history — who did what, when, to which agent. GDPR purge included. |
| Compliance Export | Export events, costs, agents, and audit logs to JSON/CSV with date filters. |
| Benchmarking | Compare agent performance across models — tokens, latency, cost efficiency. |
| Infrastructure Monitoring | Server health, Docker status, GPU metrics, network latency — all from the dashboard. |
| Live Activity Feed | Real-time event stream via SSE. See what your agents are doing right now. |
| Light/Dark/System Theme | Full theme support with CSS variable overrides. |
| 160+ features total | See the full feature list |
Three commands. Two minutes. A running Arkon instance.
git clone https://github.com/arkon-ai/arkon.git
cd arkon
docker compose up -dOpen http://localhost:3000 — the setup wizard walks you through creating your account, registering your first agent, and sending your first event.
Send a test event:
curl -X POST http://localhost:3000/api/ingest \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_AGENT_TOKEN" \
-d '{
"event_type": "message_sent",
"agent": "my-agent",
"content": "Hello from my first agent",
"model": "claude-sonnet-4-20250514",
"tokens_used": 150
}'See it appear on your dashboard in real time.
Requirements: Docker and 2GB RAM. That's it.
For the full installation guide with environment configuration, troubleshooting, and upgrade instructions, see INSTALL.md.
Arkon was built on OpenClaw and has deepest integration with the OpenClaw ecosystem — WS-RPC kill capability via sessions.abort and SSH-based gateway stop. NemoClaw agents can report to Arkon via the same generic ingest endpoint.
But Arkon is not locked to any framework. Register any agent through the 10-step wizard — Arkon auto-detects capabilities:
| Framework | Status | Kill Capability |
|---|---|---|
| OpenCLAW | Supported | Full control (WS-RPC) |
| Custom / HTTP | Supported | Callback or SSH |
| NemoClaw | Early support | Ingest reporting; gateway kill via SSH |
| Paperclip | Beta (wizard config) | REST kill — in development |
| LangGraph | Beta (wizard config) | REST cancel — in development |
| n8n | Beta (wizard config) | Workflow deactivation only |
| AutoGen / AG2 | Beta (wizard config) | WebSocket stop — in development |
| Dify | Beta (wizard config) | REST stop — in development |
| OpenHands | Beta (wizard config) | REST delete — in development |
| Haystack | Coming soon | Limited |
| Semantic Kernel | Coming soon | Limited |
| CrewAI | Coming soon | Monitor only |
| Flowise | Coming soon | Monitor only |
Note on Beta frameworks: The registration wizard supports connecting these frameworks and they can send events today via
POST /api/ingest. Live kill adapters beyond OpenClaw are actively being built.
Anything that can send an HTTP POST can report to Arkon via POST /api/ingest.
| Arkon | RunLayer | Langfuse | Helicone | Portkey | Datadog | |
|---|---|---|---|---|---|---|
| Self-Hosted Free | Yes | Partial | Yes | Yes | Yes | No |
| Kill Switch | Yes | No | No | No | No | No |
| Threat Detection | Yes | Yes | No | No | Guardrails | No |
| Cost Tracking | Yes | No | Yes | Yes | Yes | Yes |
| Workflow Builder | Yes | No | No | No | No | No |
| Multi-Tenant | Yes | Yes | No | No | No | Yes |
| Client Portal | Yes | No | No | No | No | No |
| Infra Monitoring | Yes | No | No | No | No | Yes |
| No Per-Seat Pricing | Yes | No | No | No | Yes | No |
| Open Source (MIT) | Yes | Partial | Yes | Yes | Yes | No |
| Price | Free / $97mo | $50K+/yr | Free / $29mo | $79/mo | 5.5% fee | $23/host/mo |
The full Arkon platform, self-hosted, MIT licensed. No feature gates.
docker compose up -dA managed hosting option is in development for teams that want zero ops overhead. The planned tiers:
| Operator | Agency | |
|---|---|---|
| Price | $97/mo | $297/mo |
| Users | Unlimited — no per-seat pricing | Unlimited |
| Agents | 20 | Unlimited |
| Servers | 5 | Unlimited |
| Multi-tenant | - | Y |
| Client portal | - | Y |
| White-label | - | Planned |
| Support | Priority |
Early access: Join the waitlist to be notified when cloud hosting opens and lock in founding pricing.
+--------------------------------------------------+
| Arkon Dashboard |
| (Next.js · React · Recharts · React Flow) |
+--------------------------------------------------+
| API Layer |
| Ingest · ThreatGuard · Workflows · MCP Proxy |
+--------------------------------------------------+
| TimescaleDB |
| Events · Agents · Costs · Audit · Baselines |
+--------------------------------------------------+
^ ^ ^
| | |
+----+-----+ +-----+-------+ +---+-----+
| Agent 1 | | Agent 2 | | Agent N |
| OpenClaw | | NemoClaw | | Custom |
+----------+ +-------------+ +---------+
Arkon is open source and contributions are welcome. See CONTRIBUTING.md for guidelines.
Where we want contributions:
- Integrations and SDK adapters (CrewAI, AutoGen, LangChain)
- ThreatGuard detection patterns
- Workflow node types
- Documentation and tutorials
- Bug reports and testing across environments
Where we maintain control:
- Core governance engine
- Billing and multi-tenant architecture
- Security-critical code paths
- GitHub Discussions — questions, ideas, show & tell
- Issues — bug reports and feature requests
- arkonhq.com — website and cloud platform
- @arkonhq — updates and AI ops insights
MIT — see LICENSE.
From the Greek arche — the original authority, the source from which order flows.
Built by Brynn Bendixen — because guardrails in a prompt aren't governance.