The compliance layer for AI agents in the EU.

Fuze is an open-source SDK and a managed dashboard. Drop the SDK into your agent and it captures every prompt, tool call, and decision as an append-only evidence stream. The dashboard reads that stream and helps you compile the Annex IV file, the FRIA, and the Article 73 incident report regulators ask for.

Screenshot of the Fuze Control dashboard showing a compliance posture overview, signed-evidence integrity counts, resource consumption, a tokens-and-activity chart, and a recent runs feed.
Wraps the agent code you already have
OpenAI, Anthropic, Mistral, Vercel AI SDK, Mastra, LangChain, LangGraph, CrewAI

Inside the SDK

What fuze-ai records.

Five primitives that wrap an agent at the point it runs. Each one captures a different facet of the runtime and writes it to the same append-only evidence stream.

Audit trail

Art. 12
guard()

Every prompt, tool call, and return value is captured as structured JSONL on the hot path. The Python SDK adds an HMAC-SHA256 hash chain for tamper detection today; TypeScript parity is on the roadmap.

00:12.481 PROMPT
00:12.612 TOOL.search
00:13.018 RESULT
00:13.142 EMIT.evidence
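
A minimal sketch of an HMAC-SHA256 hash chain over JSONL records, showing which kinds of tampering such a chain detects. This is an added example, not Fuze's code or its documented signing scheme; the record fields (`seq`, `prev`, `mac`), the all-zero genesis value, the demo key and the sample events are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed "prev" value for the first record

def _mac(key, prev, seq, event):
    # Canonical JSON so the same event always serializes to the same bytes.
    body = json.dumps({"seq": seq, "event": event}, sort_keys=True, separators=(",", ":"))
    return hmac.new(key, (prev + body).encode(), hashlib.sha256).hexdigest()

def append(log, key, event):
    """Append one event as a JSONL line chained to the previous line's MAC."""
    prev = json.loads(log[-1])["mac"] if log else GENESIS
    rec = {"seq": len(log), "event": event, "prev": prev,
           "mac": _mac(key, prev, len(log), event)}
    log.append(json.dumps(rec, sort_keys=True))

def verify(log, key, expected_head=None):
    """Return None if the chain is intact, else the index of the first bad line."""
    prev = GENESIS
    for i, line in enumerate(log):
        try:
            rec = json.loads(line)
            ok = (rec["seq"] == i and rec["prev"] == prev and
                  hmac.compare_digest(rec["mac"], _mac(key, prev, i, rec["event"])))
        except (ValueError, KeyError, TypeError):
            ok = False  # malformed line counts as a break in the chain
        if not ok:
            return i
        prev = rec["mac"]
    # Without a head MAC stored outside the log, a truncated tail still verifies.
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(log)
    return None

def demo():
    key = b"constructed-demo-key"  # constructed; keep real keys out of the log store
    log = []
    for kind in ("PROMPT", "TOOL.search", "RESULT", "EMIT.evidence"):
        append(log, key, {"type": kind})
    head = json.loads(log[-1])["mac"]
    rec = json.loads(log[1])
    rec["event"]["type"] = "TOOL.delete"  # in-place edit of one stored event
    edited = [log[0], json.dumps(rec)] + log[2:]
    return {"intact": verify(log, key, head),
            "edited": verify(edited, key, head),
            "dropped_middle": verify(log[:1] + log[2:], key, head),
            "truncated_no_head": verify(log[:2], key),
            "truncated_with_head": verify(log[:2], key, head)}
```

The chain alone catches edits and removed middle records; catching a dropped tail requires comparing against a head MAC kept somewhere the log writer cannot rewrite.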

Loop guard

runtime
loop()

Detects when the agent re-walks the same call graph and pauses execution before the budget runs out.

cycle · paused

Budget

runtime
budget()

Hard caps on tokens, steps, and wall-clock per run, with the breach event recorded on the evidence stream.

tokens: 0 / 10,000
steps: 0 / 20
latency: 0.0 s / 6 s

Side-effects

runtime
side_effect()

Records every external call the agent makes (HTTP, database, payment, mail) so an auditor can review the actual effects of a run alongside its trace.

http.POST: logged
db.write: logged
email.send: logged
stripe.charge: logged

Human override

Art. 14
requestOversight()

Suspends the run on a durable adapter; the reviewer's signature binds the human decision into the run record.

queue · 2 pending
extend offer · candidate_4f1c
credit denial · applicant_82e0

Or build with the framework

Fuze Agent is a TypeScript agent framework with the compliance layer already wired in.

The same primitives — guard, loop, budget, side_effect, approval — are the runtime, not an add-on. Build a new agent with Fuze Agent and the dashboard starts receiving evidence on the first run.

Framework docs @fuze-ai/agent
tool()
loop()
memory()
side_effect()
approval()
redact()
budget()
audit()

Article coverage

Where the SDK meets the Act today.

Fuze is built to address the EU AI Act's high-risk obligations. Some of these are shipping today; others are partial or on the roadmap. The split below reflects the current state of the public fuze-ai SDK and Fuze Control around it.

Shipping

  • Art. 12, Automatic event recording: Per-step JSONL trace of every prompt, tool call, return, and guard event.
  • Art. 14, Human oversight: `ctx.requestOversight()` suspends the run on a durable adapter; reviewer signature binds the human decision into the chain.
  • Art. 26, Deployer monitoring: Dashboard surface for runs, agent health, retention, and an admin audit log of privileged actions.
  • Art. 27, FRIA: `agent-fria` compiles a Fundamental Rights Impact Assessment from evidence span attributes.
  • Art. 73, Serious incident reporting: `agent-incident` drafts a regulator-ready Article 73 incident report from the same evidence stream.

Partial today

  • Art. 19, Log retention: Append-only event store with configurable retention. The HMAC-SHA256 hash chain is in the Python SDK; TypeScript parity is on the roadmap.
  • Annex IV, Technical documentation: `agent-annex-iv` maps Fuze evidence span attributes to Annex IV sections (and ISO 42001 controls).

On the roadmap

  • Art. 9, Risk-management system: Tooling for residual-risk logs and control-registry tracking.
  • Art. 10, Data & data governance: Source lineage and drift logging for inference and training data.
  • Art. 13, Transparency to deployers: Capability cards and a known-limitation registry exported with each run.
  • Art. 15, Accuracy & robustness: Eval-suite integration and jailbreak-attempt logging on the hot path.
  • Art. 72, Post-market monitoring: Drift alerts and performance-regression diffs per deployment.

Instrumenting an agent

One decorator.

There's no framework to learn. guard wraps the agent with the runtime checks and emits structured evidence as it runs. The SDK ships for TypeScript and Python; framework adapters for LangGraph and CrewAI are in the Python build today, with TypeScript parity on the roadmap.

  • Wraps raw OpenAI / Anthropic / Mistral SDK calls today
  • Token usage extracted across the major agent SDKs (OpenAI, Anthropic, Vercel AI, Mastra, LangChain)
  • Zero outbound network by default — evidence emits to wherever you configure
agent.ts
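```ts
import { guard, comply } from 'fuze-ai'

// myAgent is the agent you already have; guard() wraps it with the runtime checks.
const screener = guard(myAgent, {
  article:   'Annex III.4(a)',
  residency: 'eu-central-1',
  budget:    { tokens: 10_000, steps: 20 },  // hard caps per run
})

// prompt is the input for this run; the result is then emitted as evidence.
const result = await screener.run(prompt)
await comply.emit(result)
```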
signed · Art. 12, 14, 26 ← evidence chain

Trust posture

How the platform handles your data.

Fuze is built in Europe and run from the EU. The SDK does not phone home by default — evidence emits to wherever you configure, which can be a self-hosted store or the managed Fuze Control backbone. The data model, the signing scheme, and the audit log format are all open specifications. A full trust report covering residency, encryption, sub-processors, and certification status will be published alongside the first paid tier.

Open source

The SDK and the Agent framework are MIT-licensed.

Read every line. The evidence-signing scheme is documented in the trust report, and the audit log format is a published spec. Self-host the SDK alone or take the managed Fuze Control dashboard on top.

Next

Five minutes to know if the Act applies to you.

The classifier walks you through Annex III and tells you which Articles apply, which tier of risk you sit in, and what evidence the Fuze Control dashboard would start emitting on day one. Free, no signup, no email gate.