I Gave My AI Agent a Conscience and a Council

For the last while I've been building something I only half-jokingly call an organism: an autonomous AI that operates real production infrastructure across multiple organizations. Not a chatbot that suggests commands — an agent that actually runs them.

The moment you let an agent act on production, the interesting problem stops being capability. The models are already capable enough to be dangerous. The problem becomes governance: how do you let something autonomous touch real systems without it quietly doing something irreversible, crossing a boundary it shouldn't, or confidently building the wrong thing?

I ended up with two gates. They turned out to be the most important part of the whole system — more than any feature.

The action-gate: a conscience with no LLM in it

Every command the agent tries to run passes through a reflex I call conscience. It is deliberately not an LLM. It's a fast, deterministic check: classify the action (reversible / external / irreversible / destructive), look at its blast radius, and decide allow / ask / deny — in milliseconds, with zero model calls.