DataWhisper Cortex orchestrates multi-agent AI for regulated industries. Humanos slots into the GUARDIANSHIELD GOVERNANCE layer as the dedicated authorization stack — a 3rd-party API that fully abstracts authorization, making every agent action auditable, immutable, and independently verifiable by any party with the right access.
Cortex orchestrates AI agents end-to-end inside enterprise workflows — case handling, dispute resolution, claims, KYC, attestations. Every layer of Cortex is purpose-built so agents can act safely on behalf of humans, not around them.
Humanos plugs into the GUARDIANSHIELD GOVERNANCE layer as the dedicated authorization stack — a 3rd-party API that makes authorization a runtime primitive instead of internal application state. Every high-risk action is verified against a signed mandate before execution, and every executed action carries an immutable, portable proof.
Modern orchestration platforms can trigger anything — refunds, settlements, regulatory filings, KYC releases. But the rules that decide what is allowed still live across emails, PDFs, Slack threads, static role tables, and disconnected compliance systems. AI agents act on probabilistic context, then operators try to reconstruct what they were allowed to do, after the fact.
Cortex can resolve a dispute, settle a claim, file an attestation in seconds. The mandates that govern those actions live somewhere else entirely — and were never designed to answer, at the moment of action, “is this specific decision actually authorized?”
Compliance teams piece together what the agent did from logs and traces — never that any given action was actually allowed. Every new customer, every new partner, every regulator restarts the work. Authorization stays internal application state; nothing portable.
Before any high-risk action commits — a chargeback, a settlement, an attestation, a regulator filing — Cortex calls humanos.verify(). Identity, scope, counterparty, amount, validity are checked against a signed mandate in real time, and a deterministic answer is returned the rest of GUARDIANSHIELD can attach to a portable proof.
Within mandate, within constraints, within validity. Cortex writes the resolution into the case-of-record. A Proof is attached to the case — portable, verifiable by any party with the right access.
Out of scope, expired, or revoked. Humanos requests step-up approval in real time (SMS, API), updates the mandate, and resumes once authorization is valid. The agent never silently fails or guesses.
Five stages in chronological order. The animation on the right walks through one dispute case end-to-end — issued by DataWhisper Operations, verified by Humanos at the GUARDIANSHIELD boundary, and committed only after a deterministic yes/no.
DataWhisper Operations Lead authorizes scope (dispute resolution), ceiling, and validity. Humanos issues a machine-verifiable mandate — signed once, reusable across every case the agent acts in.
The Cortex dispute-resolution agent assembles the proposed resolution — refund, fee adjustment, goodwill credit. It attaches the mandate to its outbound action as x-humanos-mandate.
Before the resolution commits, GUARDIANSHIELD calls humanos.verify() directly against the mandate. Identity, scope, counterparty, amount, and validity are checked in 82 ms — deterministic, no LLM in the path.
Authorized → Cortex writes the resolution into the case-of-record. Not authorized → the agent doesn’t fail silently or guess. For DataWhisper’s out-of-scope attempts (a £45,000 high-risk settlement), Humanos blocks at the GUARDIANSHIELD boundary and triggers a real-time step-up.
Every authorized action emits a cryptographic Proof — anchored in GUARDIANSHIELD, attached to the case-of-record, portable forever. Auditors, regulators, and banking partners verify the Proof directly against Humanos; nothing reconstructs trails from internal Cortex logs.
Nothing commits on assumption. The verify call is non-optional and inline — at the GUARDIANSHIELD boundary, not after the agent has already acted.
Cortex agents stay probabilistic where it matters (reasoning, context). The act-or-not boundary becomes a yes/no — no LLM in the verification path.
Every action emits a portable Proof, anchored at GUARDIANSHIELD. Auditors query directly; they don’t reconstruct from internal traces.
Out-of-scope action? Humanos collects approval (SMS, API, KYC), updates the mandate, and resumes execution once authorization is valid. No silent failures.
Issue once; verify anywhere. The same mandate works across customers, partners, regulators, and external counterparties the agent acts in front of.
Inside GUARDIANSHIELD GOVERNANCE, not a sidecar. Every Cortex workflow inherits portable, immutable, independently verifiable authorization by default.
Issue once. Verify anywhere — adjudicators, regulators, banking partners, internal audit.
External parties check authority against Humanos itself — without trusting Cortex’s runtime or its agent traces.
No new authorization logic per customer. The integration is the verify() call.
The more systems verify against Humanos, the more valuable every mandate becomes.
Banking, telco, marketplaces. Refunds, settlements, goodwill credits — every resolution authorized at the boundary, every action carrying a portable proof.
Insurance, healthcare denials, warranty disputes. AI agents propose resolutions; Humanos verifies they sit inside the mandate before settlement commits.
KYC, sanctions screening, regulatory filings. The agent drafts; Humanos verifies authority and emits a Proof the regulator can verify independently.
The Cortex agent acts on behalf of an internal human at every customer it serves. Every action carries the customer’s mandate — verifiable by every party they touch.
Human authorizes scope. Humanos issues a machine-verifiable mandate, reusable across every system that verifies.
Any external system runs humanos.verify(). Deterministic yes / no.
Out of scope? Request step-up authorization from the human principal in real time — API, SMS, or email.
Cryptographic Proof per action. Auditable forever. Verifiable by anyone.
At that moment, authorization must be verified, the decision must be deterministic, and the outcome must be provable. Everything else follows.
Plugged into GUARDIANSHIELD as the dedicated authorization stack — every agent action inherits it by default.
The verification path is deterministic. No LLM in the verify call.
Auditable, immutable, portable forever — independently verifiable.
