Shotoku

See, approve and audit what your agents do.

1 pending approval

Agent: research-agent
Task: License a stock photo for the blog post.
Next action: purchase shutterstock.com
Amount: $0.99
Rail: x402

Agents act.
Shotoku checks first.

Every autonomous action needs a decision.

Call APIs: POST /v1/messages
Execute code: node script.ts
Use MCP tools: tool.invoke()
Spend money: $42 payment request

Shotoku: Policy Check → Approval Gate → Audit Log
Decision recorded locally.

Local-first by design.

Authorization decisions stay on your machine.

dec_01  approved
dec_02  pending_approval
dec_03  denied
apr_01  approved dec_02

{
  "id": "dec_01",
  "status": "approved",
  "actor": "agent-1"
}
{
  "id": "dec_02",
  "status": "pending_approval",
  "actor": "agent-1"
}
{
  "id": "dec_03",
  "status": "denied",
  "actor": "agent-1"
}
{
  "id": "apr_01",
  "type": "approval",
  "decision": "dec_02",
  "status": "approved"
}

Policies decide.

Agents follow the rules you set.

rules:
  # safe actions pass
  - resource: openai.com
    actions: [api_call]
    verdict: approved
  # risky actions wait
  - resource: stripe.com
    actions: [purchase]
    verdict: pending_approval
  # everything else stops
  - resource: "*"
    verdict: denied
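
The policy above, evaluated in code as an added example (not Shotoku's implementation). It assumes rules are checked top to bottom with the first match winning, and that a rule's resource also covers its subdomains; the page states neither. The names hostMatches and evaluate are hypothetical.

```typescript
// Added example, not Shotoku's code. First-match-wins ordering and
// subdomain matching are assumptions; the page states neither.
type Verdict = "approved" | "pending_approval" | "denied";

interface Rule {
  resource: string;    // hostname, or "*" for any resource
  actions?: string[];  // omitted means any action
  verdict: Verdict;
}

interface Decision {
  status: Verdict;
  rule: number;        // index of the rule that matched, -1 if none did
}

// The three rules from the page's policy, as data.
const rules: Rule[] = [
  { resource: "openai.com", actions: ["api_call"], verdict: "approved" },
  { resource: "stripe.com", actions: ["purchase"], verdict: "pending_approval" },
  { resource: "*", verdict: "denied" },
];

// Compare whole DNS labels: "api.openai.com" matches "openai.com", while
// "evil-openai.com" and "openai.com.evil.net" do not.
function hostMatches(pattern: string, host: string): boolean {
  if (pattern === "*") return true;
  const p = pattern.toLowerCase().replace(/\.$/, "");
  const h = host.toLowerCase().replace(/\.$/, "");
  return h === p || h.slice(-(p.length + 1)) === "." + p;
}

// First matching rule wins. Falling off the end is also a deny, so removing
// the "*" rule cannot turn the policy into default-allow.
function evaluate(policy: Rule[], action: string, resource: string): Decision {
  for (let i = 0; i < policy.length; i++) {
    const r = policy[i];
    const actionOk = r.actions === undefined || r.actions.indexOf(action) !== -1;
    if (actionOk && hostMatches(r.resource, resource)) {
      return { status: r.verdict, rule: i };
    }
  }
  return { status: "denied", rule: -1 };
}

// Constructed inputs.
console.log(evaluate(rules, "api_call", "api.openai.com"));      // rule 0
console.log(evaluate(rules, "api_call", "openai.com.evil.net")); // rule 2
```
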
agent.ts

import { authorize } from "@shotoku/core";

// Ask for a decision before the agent performs the action.
const decision = await authorize({
  actor: "shopping-agent",
  action: "purchase",
  resource: "api.openai.com",
  amount: 24.99,
});

console.log(decision);
/*
{
  status: "approved",
  decisionId: "dec_4f8a91",
  reasons: [
    "OpenAI is allowlisted",
    "Purchase is below $50 limit"
  ],
}
*/

One function call.

Add authorization to any agent in minutes.

Your agents are already acting. Start with why.
