Governed AI Execution Systems

AI DOESN'T NEED
BETTER PROMPTS.
IT NEEDS CONTROLLED
EXECUTION.

RAPTOR defines intent. AERIE governs execution. PromptSmith builds the systems that make it real.

See the Architecture Explore the Framework
The Problem

The control gap is already open.

Most AI systems are operating with more privilege than visibility.
  • ERR_01
    Ambient credentials
    Agents inherit tool access at spawn time. Scope is never explicitly constrained. Every agent carries everything — regardless of task.
  • ERR_02
    Shared tool surfaces
    Multiple agents, one interface. No execution isolation. No context boundary. Lateral capability is the default, not the exception.
  • ERR_03
    No execution boundaries
    Intent is declared but never enforced. The model decides what falls within scope at runtime. That is not governance. That is delegation without accountability.
  • ERR_04
    Logging ≠ control
    Observability tells you what happened. It does not stop it happening. A post-execution log is forensic evidence, not a control plane.
The Model

Intent → Governed Execution → Controlled Outcomes

01
USER INTENT
Natural language task declaration
02
RAPTOR
Structured intent specification
03
INTENT ENVELOPE
Signed, scoped, constrained task object
04
AERIE CONTROL PLANE
Policy evaluation · grant decision
05
CAPABILITY GRANTS
Time-bound, minimum-privilege permissions
06
EXECUTION
Bounded · observable · revocable
07
IMMUTABLE AUDIT TRAIL
Append-only, cryptographically verifiable

The standard AI stack treats execution as a consequence of generation. Intent goes in. The model decides what to do. There are no enforced boundaries, no scoped permissions, no control between intent and action. This is the gap.

The PromptSmith model inverts this relationship. Intent is formalised before it reaches the model. RAPTOR converts natural language into a structured, signed task object — an Intent Envelope — that defines what the task is and, critically, what it is not permitted to do.

AERIE evaluates that envelope against policy before issuing any capability grants. Execution happens inside a constrained, time-bound scope. Every action is attributable. The audit trail is not an afterthought — it is the foundation the architecture is built on.

prompts → outputs
intent → governed execution → controlled outcomes
Components

Three layers. One architecture.

COMPONENT / 01
RAPTOR
Structured Intent Framework

A methodology for translating raw user intent into structured, repeatable, machine-legible task specifications. RAPTOR enforces a consistent schema — Role, Aim, Parameters, Tone, Output, Review — across every task, making prompt engineering an engineering discipline rather than an art form. Portable across models. Teachable to teams.

Structured Prompting Intent Formalisation Repeatable Model-Agnostic
raptorframework.io ↗ Prompt Engineering Manual ↗
COMPONENT / 02
AERIE
Execution Governance Layer

The control plane between intent and execution. AERIE evaluates signed Intent Envelopes against declared policy, issues minimum-privilege capability grants, enforces execution boundaries mid-flight, and writes to an immutable, append-only audit ledger. Governance is structural, not observational. Control by design — not by monitoring.

Capability Tokens Policy Enforcement Audit-First Execution Isolation
COMPONENT / 03
AI OS
The Bigger Vision

A local-first, governed AI environment that integrates RAPTOR and AERIE into a complete agent runtime. The AI OS is the end state: a secure execution surface where agents operate with defined identity, scoped capability, and full auditability — deployed on your infrastructure, under your control, with no dependency on external API governance.

Local-First Secure Agent Runtime Governed Environment Vision Stage
Open Documentation
FW
RAPTOR Framework raptorframework.io ↗
PM
Prompt Engineering Manual Full methodology guide ↗
Read the Docs ↗
Evidence

Documented. Demonstrable. In progress.

Whitepaper
From Policy to Enforcement
Architectural pattern for governed AI execution. Covers intent envelope design, capability token lifecycle, policy rule language, and audit ledger integrity. Submitted for arXiv publication.
Framework
RAPTOR v2 Specification
Full methodology specification with two-phase cognition model. Role · Aim · Parameters · Tone · Output · Review. Production-tested across engineering, legal, and creative task domains.
Live Demo
Print Shop AI Engine
Customer enquiry automation built on the RAPTOR/AERIE model. Real-world deployment. Controlled tool access, bounded execution scope, customer-facing interface.
Architecture
AERIE Control Plane Design
Full system architecture diagrams. Control plane topology, capability grant flow, audit ledger schema, policy evaluation engine. Engineering-grade documentation.
Use Cases

Where control is non-negotiable.

USE CASE
/ 01
Customer Enquiry Automation
AI agents handling inbound queries with explicit scope: read customer data, generate response, escalate on boundary breach. No ambient CRM access. No lateral movement across accounts. Capability constrained to task. Audit trail per interaction.
Print Shop Customer-Facing Live
USE CASE
/ 02
Internal AI Assistants with Controlled Access
Departmental AI agents that operate within explicit capability grants scoped to role and context. Finance sees finance data. HR sees HR data. Capability does not cascade between departments. Every action attributable to a policy-authorised grant.
Internal Tooling RBAC-Aware Audit-Ready
USE CASE
/ 03
Security-Sensitive Environments
Regulated industries where every AI action must be attributable, bounded, and — if necessary — reversible. ISO 27001, SWIFT, Cyber Essentials, financial controls. The environments where governance is a compliance requirement, not a design preference.
Sweet Spot ISO 27001 SWIFT Regulated

This isn't prompt engineering.
It's execution control.

If you're building AI systems that need to operate where control, auditability, and execution boundaries are non-negotiable — this is the conversation to start.

Work with PromptSmith Explore RAPTOR Follow the Build