The control plane for multi-agent systems.
Catch coordination loops the moment they form. Enforce policies before the model call. Sign a tamper-evident receipt for every agent decision. One line of code, any framework.
Three failure modes you can't see today.
None of these throw. Without instrumentation each one is invisible until a customer or an auditor notices. With Prova each one becomes a signed receipt the moment it happens.
Coordination loop
CAUGHTThree planning agents start handing the same partial draft back to each other. Tarjan SCC over the agent trace catches the cycle on the second pass. A signed receipt lands in the Audit Vault with the participating agents named and the exact step the loop closed.
Prompt injection in a tool result
BLOCKEDA search-tool result contains an inline instruction telling the agent to exfiltrate credentials. The prompt-injection detector flags it before the agent sees the response. Gateway mode blocks the call, the audit trail captures the attempt.
PII leaking into a downstream prompt
BLOCKEDAgent A summarizes a customer record. Agent B's prompt template appends the summary into a vendor model call. The PII detector catches the leak at the gateway. The receipt names the source agent and the downstream model that would have seen it.
How it fits your agent
Drop-in observation
Wrap your graph invocation. Prova watches every handoff between agents and emits a signed receipt per decision. No infrastructure changes.
Pre-execution gate
For high-stakes tool calls, POST to /api/v1/gateway/check first. Policies and detectors run, returning allow, alert, or block with the receipt attached.
One audit trail
Every detection, policy verdict, and tool call lands in the Audit Vault as the same signed AIDecisionEvent. SIEM exports work out of the box.
Ship agents you can audit.
Free tier covers loop detection and the Audit Vault up to the first 500 receipts a day. Team plan unlocks all detectors and custom policies. Enterprise wires the gateway in front of your existing model traffic.