live sandbox

Live browser sandbox · real proofs, simulated side effects

Proof-gated actions for AI agents

PermitRail sits between an agent and a risky tool call. It checks policy, asks for approval of the exact request, signs a short-lived proof, lets the action run once, and writes a receipt you can verify later.

Open the sandbox Read threat model
Ed25519 proofs input-bound approval single-use execution signed receipts
App integration npm install @permitrail/core @permitrail/mcp-gateway @permitrail/provider-webhook
MCP npx @permitrail/mcp
Connect your own agent · MCP client config 
{
  "mcpServers": {
    "permitrail": { "command": "npx", "args": ["-y", "@permitrail/mcp"] }
  }
}

Try the API

Edit a tool call, run it, and watch the real package respond. Approve to sign a proof, execute it once, then replay it and watch it get refused.

  1. 1 Request
  2. 2 Policy
  3. 3 Approval
  4. 4 Receipt
permitrail · sandbox starting
Request exact action JSON
Example requests

Start with a scenario or paste any agent tool call. The same policy/proof flow works for your own tools too.

call permitrail_authorize_tool_call
Edit this exact request ready to edit

Change the tool, recipient, amount, purpose, or input. PermitRail binds approval to this exact JSON, not a generic permission.

Real Ed25519 signing in your browser. Nothing is sent, charged, or deleted.

Response idle 
// run a call to see the real response from the package
Equivalent code
// the call you run shows up here
Call log0 calls

Every call is logged here with its status and latency.