Governed run replay
Live - no signup

Run AI workflows under your controls.
Watch one get stopped.

A governed vendor-risk run, replayed end to end: source-grounded evidence, deterministic checks, then a human approval gate that rejects the vendor and writes a tamper-evident proof packet.

Read-only replay of an illustrative run - no inputs, no production credentials.

  • Source-grounded evidence with citations
  • A human approval gate that can stop the run
  • A tamper-evident proof packet
  • Self-hosted, EU-hosted - under your controls

A real governed run, replayed in full below - ending in a human rejection and an auditable proof packet.

Vendor risk review
run_8f2c1b - vendor-risk/v3 - 00:00.0 elapsed
Governed run - Illustrative sample - EU region
Run received
Document intake & evidence extraction
Deterministic compliance checks
Policy-trigger checks
Risk scoring
Human approval gate
Proof packet recorded
Review complete
Watch a governed run, end to end

Eight events, exactly as the platform recorded them - from intake to a human approval gate that stops the run. Nothing is simulated past what you see here.

status - seq 1
Run received
running

A vendor onboarding packet was submitted for governed review. The run is registered against flow vendor-risk/v3 and begins under the workspace's controls - every step from here is recorded.

Subject: Vendor onboarding packet
Flow: vendor-risk/v3
Run id: run_8f2c1b
Region: EU
node - seq 2
Document intake & evidence extraction
passed

Three documents were parsed and source-grounded evidence was extracted - each finding carries a citation back to the document and section it came from.

SOC 2 Type II summary - controls in scope, exceptions noted - Evidence: 6 items - soc2.pdf 3.2
Master service agreement - liability & sub-processor terms - Evidence: 4 items - msa.pdf 11
Security questionnaire - 84 responses ingested - Evidence: 9 items - ciq.xlsx Q1-Q84
node - seq 3
Deterministic compliance checks
info

Rule-based checks ran against the required-document set. Most passed - but one required document is missing, which the gate later depends on.

SOC 2 report present and within validity window
Signed data processing agreement on file
Required document missing - Current penetration-test report not provided
node - seq 4
Policy-trigger checks
info

Workspace policies were evaluated against the extracted evidence. One policy trigger fired on data residency.

Encryption-at-rest attestation satisfied
Sub-processor data residency outside approved regions - Policy: data-residency / approved-regions
node - seq 5
Risk scoring
passed

The findings were combined into a composite vendor risk score. The score is elevated, so the run is routed to a human reviewer rather than auto-cleared.

68 / 100 - Elevated
Scale: 0 - low, 60 - review threshold, 100 - high

Above the 60 review threshold -> routed to a human approval gate. No clearance is issued automatically.

approval - seq 6
Human approval gate
rejected
Required-documents check
gate: required-documents
Rejected

A reviewer examined the run and rejected it at the approval gate. The vendor cannot be cleared, and the run stops here - no clearance is issued and no downstream write is performed.

Missing required document - current penetration-test report
Sub-processor data residency outside approved regions
Reviewer: Security reviewer - Decision recorded at the gate
output - seq 7
Proof packet recorded
completed
vendor-risk_run_8f2c1b.packet - sha256:9c1a...f70b
Decision
REJECTED
Run stopped before clearance. No vendor record created.
Reasons
Missing required document - current penetration-test report
Sub-processor data residency outside approved regions
Evidence (source-grounded citations)
SOC 2 Type II summary - soc2.pdf 3.2
Master service agreement - msa.pdf 11
Security questionnaire - ciq.xlsx Q1-Q84
Written once to a tamper-evident, append-only audit ledger - decision, reviewer, reasons, and evidence.
done - seq 8
Review complete
completed
Finished with a recorded, auditable human decision

The run ended exactly where governance required: a person decided, the decision is logged, and there is a proof packet anyone can audit later. No AI output reached a live system without it.

Outcome: Rejected at human gate
Decided by: Security reviewer
Proof packet: run_8f2c1b
Events recorded: 8 of 8
What just happened

Three governance moments, in one run.

The replay is not a chatbot demo. It is the control plane doing its job: grounding, gating, and proof - the parts a regulator asks about.

Seq 2

Evidence with citations

Every finding is grounded in a source document and section. Reviewers and auditors can trace any claim back to where it came from - not to a model's recollection.

Seq 6

A human gate that can stop the run

Elevated risk routes to a person, not an auto-approve. Here the reviewer rejected - and rejection is final at the gate. The run stops before anything is cleared or written.

Seq 7

A tamper-evident proof packet

The decision, the reviewer, the reasons, and the cited evidence are written once to an append-only audit trail. Months later, you can prove exactly why this vendor was not cleared.

Built for regulated teams - designed to run under your controls
Self-hosted
EU AI Act controls
GDPR controls
Audit trail
Data sovereignty

PrivateFlow is not certified under any compliance framework. Controls are designed to support compliance preparation. Where the EU AI Act applies, high-risk obligations carry penalties up to the EUR 15M / 3% of worldwide annual turnover tier; this run is an illustrative, synthetic example.

See it on your own data

Run this on your own vendors.

We'll stand up a governed pilot on your own data - sandbox first, no production credentials required. You decide what the gates do.