# GreenLightz > GreenLightz is a vendor-neutral, deterministic control and evidence layer that checks cumulative business exposure of AI-agent actions on refunds, credits, account changes, and customer promises before they execute, and opens a reviewer-replayable Evidence Case for every governed action. GreenLightz sits between an AI agent (any vendor: Intercom Fin, Decagon, Sierra, Ada, Salesforce Agentforce, Zendesk, in-house) and the actual business action. It exposes two thin HTTP seams — one for the deterministic verdict, one for the Evidence Case container — and returns one of three verdicts: ALLOW (green), REQUIRE_APPROVAL (amber, with a concrete intervention plan), or BLOCK (red, with the exact rule that fired). The engine is fully deterministic and rule-based — no LLM is involved in any governance decision. Six architectural invariants are enforced in code: FAIL-CLOSED, ESCALATE-ONLY, DETERMINISTIC, OFFLINE-FIRST, PRIVACY-FIRST, TAMPER-EVIDENT. Verdicts, Evidence Cases, evidence packets, and audit events are operational governance signals — NOT legal attestation, NOT third-party audit opinion, and NOT a regulatory determination. ## Product - [Product overview](https://greenlightz.com/product): How GreenLightz governs AI-agent actions — three-step integration, nine built-in action types, verdict bands (green/amber/red), and the intervention-plan retry loop. - [Homepage](https://greenlightz.com/): One-sentence positioning, hero flow diagrams (monetary + non-monetary commitment), the six-question Evidence Case framework, and the six architectural invariants. - [How it works](https://greenlightz.com/#how-it-works): Integrate (one HTTP call per agent action, no SDK), define YAML policy packs (per-tenant, per-action-type ceilings), govern in real-time (deterministic verdict + tamper-evident evidence packet). ## Policy - [Policy configuration guide](https://greenlightz.com/product): YAML policy packs with `max_amount_cents` (per-action-type ceilings), `pre_authorized_limit` (autonomous ALLOW threshold), `approval_mode` (optional human-in-the-loop workflow: manual / pre_authorized / block), `enabled_dimensions`, `policy_version` (drift detection), and env-ref `webhook_url` / `webhook_secret`. Policy packs are version-controlled, tenant-scoped, and hot-swappable without downtime. - [FAQ — Calibration](https://greenlightz.com/faq): Guided calibration flow that converts customer answers into a signed policy pack via deterministic dictionary mapping (no LLM at runtime). Unresolved conflicts fail closed to REQUIRE_APPROVAL. Forbidden-phrase lists are Unicode-normalized, whitespace-tolerant, and word-boundary aware. ## Security - [Security page](https://greenlightz.com/security): Six invariants, tamper-evident content-hash chain (HMAC signing when an operator signing key is configured), per-tenant HMAC key isolation on identifier hashing, tenant-discriminator SQL filtering, and the PII rejection surface (18 known PII field-name aliases across 11 families, plus SSN / 16-digit PAN / RFC-5322 email regex scanning on payload string values — rejected with HTTP 400 PII_METADATA_BLOCKED before evaluation). - [FAQ — Security](https://greenlightz.com/faq): Storage model (SHA-256 HMAC identifiers with per-tenant keys; no PII at rest), test coverage (over 8,300 governance test cases across suites; CI-gated key suites; exact suite inventory disclosed during technical review under NDA), and the six specific hardening controls enforced in code. No external third-party security audit has been completed; an external audit is in planning. - [FAQ — Compliance](https://greenlightz.com/faq): SOC 2 Trust Services Criteria (CC1 / CC4 / CC6 / CC7 / CC8) reviewer-bundle alignment, GDPR Article 30 records-of-processing surface, ISO/IEC 27001:2022 Annex A control mapping. No claim of certification, attestation, or regulatory compliance. ## Evidence Case - [Sample Evidence Packet](https://greenlightz.com/sample-packet): A reviewer-replayable evidence packet the engine seals inside an Evidence Case at verdict time. Contains proposed outcome, deterministic autonomous verdict, policy version, cumulative exposure at decision time, approval lineage (only when the tenant has configured the optional human-in-the-loop workflow), executed outcome, and content-hash chain. - [FAQ — Evidence Case](https://greenlightz.com/faq): Canonical definition of the six-question Evidence Case (what happened / what was required / what was observed / what was missing / who approved it / which policy produced the verdict) and the vocabulary bridge — the Evidence Case is the case-level container; the evidence packet is the sealed snapshot inside it. ## Extended reference - [llms-full.txt](https://greenlightz.com/llms-full.txt): Full extracted content of the product overview, security posture, policy-configuration surface, and FAQ answers for AI citation and retrieval. ## Legal - [Privacy Policy](https://greenlightz.com/privacy): Data handling boundary, retention (180 days default, per-tenant configurable), and data-subject-rights applicability. - [Terms](https://greenlightz.com/terms): Service is provided commercially-reasonable best-effort. No SLA, no uptime guarantee, no service credits, no insurance representation, no source-code escrow. United States-domestic and USD-only for the current pilot scope.