AI ACTION CONTROL · INNER RADAR LAYER
AI Action Control.
When agents start writing to systems of record, the runtime needs to live somewhere you control. Capsules contain. Mission Control supervises.
An Action Capsule is a Kubernetes-native container plus in-container sandbox around one model, agent or MCP server. The only egress is the paired AI Gateway. Mission Control is the operator fleet view across every Capsule.
Pre-flight authorisation, run-scoped execution leases, just-in-time credentials, kill switch — enforced at the runtime boundary, supervised from one console.
Module questions, answered straight.
When do I need an Action Capsule?
When an agent stops just answering and starts calling tools, writing to systems of record, sending emails or moving money. The runtime needs containment, not just policy.
What's the relationship between Capsule and Mission Control?
Each Capsule contains one runtime — a model, an agent task or an MCP server. Mission Control is the operator surface across all of them: identity, status, oversight, kill switch, evidence.
Where does it run?
Inside your own Kubernetes cluster. Standard Helm install, no node patches, no custom container runtime. EKS, AKS, GKE, OpenShift and on-prem are supported.
See AI Action Control in production.
Walk through a Capsule running, paired Gateway egress, and the live kill switch.