The agentic clearinghouse

Every agent action, cleared.

Let your agents act on things that matter — a refund, a trade, a merge. Primust clears each action against its authority and the real system of record, then settles it into signed evidence the next person, workflow, or agent can build on.

The problem

The agent writes its own report card.

When an agent finishes, it tells you what it did — and that summary is written by the same agent that did the work. If something went wrong, got skipped, or reached out of bounds, the summary won't show it. Primust checks that summary against what actually changed — the commit, the database row, the system it touched — and flags where they don't match.

Every check comes back one of three ways:

matched diverged unverifiable
Action Clearance · live proof lanes

One clearing model. Different independent records.

Primust does not turn every log into “proof.” Each action earns the strongest evidence the destination can support, and every weaker or missing leg stays labeled.

Live

Coding actions

Bind the task and allowed scope to the agent's account, then re-fetch the commit, pull request, and CI state from GitHub.

See coding-agent clearance →
Independent record · GitHub API refetch
Interventions · clear, warn, or block merge
Live · read-only

Payment actions

Compare what an agent said it charged, refunded, or transferred with mandate limits and a fresh read from Stripe, Plaid, or a public chain.

See payments clearance →
No custody · no money movement
Restricted customer-controlled read access
Demo-ready · read-only

Trading actions

Check an agent's order against its signed mandate, re-fetch the broker record, and keep execution, clearing acceptance, and custody settlement as separate lifecycle states.

See trading clearance →
No routing · no custody · no securities
Alpaca order re-query is the first demo rail
Proven surfaces

Enterprise actions

Reconcile agent work across connected systems, with proven evidence paths spanning Salesforce, Data 360, MuleSoft control-plane access, and GitHub.

See cross-system evidence →
Evidence strength varies by connector
Unproven surfaces remain named gaps
From our own fleet

Even watching every tool call isn't enough.

55%
of our own agent sessions that ended in a commit, more files actually changed than the live monitoring captured.
What the monitoring saw
0files edited · per live tool-call telemetry
the actual commit
What actually changed
17files changed · 1,370 insertions

Watching isn't enough. Only the real record shows what actually happened.

To be clear, this is a blind spot in the monitoring — not proof the agent lied. That's the point: you can't tell from the agent's own summary. Primust checks each run against an independent record wherever one exists.

Verify it yourself

Don't take our word for it. Run the verifier.

Every credential is independently checkable — offline, no call to Primust, no trust in our database. Hand it to an auditor, an insurer, a counterparty; they confirm it themselves.

primust verify run_5aae6acf.gec
primust verify run_5aae6acf.gec
signature ·· Ed25519 OK
timestamp ·· RFC 3161 OK
observed ·· git-witnessed · api.github.com
said ↔ observed ·· matched
verdict: PASS  ·  offline · no network
Start here

See what your agents actually did.

Become a design partner and start with one consequential workflow — a coding action, payment, trade, or another system-of-record-backed task. We reconcile the agent's authority, claim, and observed outcome, then issue an Action Clearance anyone can verify. Primust never needs custody or permission to move money or securities.