Mindburn Labs
Founding Cohort
APACHE 2.0

几分钟内首次API调用

HELM是OpenAI兼容代理。只需更改一行——您的base_url——每个工具调用都被治理、收据化和可验证。

在GitHub上查看 阅读标准
ARCHITECTURE

Governed Execution Pipeline

Every AI action flows through three trust boundaries — from proposal to cryptographic receipt. Click any stage to see its invariant and proof output.

External BoundaryAgent sends structured proposals — never raw execution
Kernel — Fail-ClosedEvery proposal is validated, policy-checked, then executed under governance
Proof SurfaceReceipts chain into an offline-verifiable evidence bundle
Hover or click any stage to see its invariant and proof output
ExternalKernel boundaryProof surface
Full architecture docs
INPUT → GOVERNANCE → PROOF

From proposed action to verifiable proof

HELM turns policy inputs into deterministic execution records and offline-verifiable evidence without letting raw tool calls slip around the boundary.

Fail-closed runtimeOffline verificationMCP-native
HELM OSS execution latticeTyped policies, regulations, and permissions flow into the HELM core engine, which executes inside a fail-closed sandbox and emits audit trails, cryptographic proofs, and deterministic action records.POLICY SURFACESPROOF SURFACESTYPED GUARDRAILSPOL-01PoliciesJURISDICTION RULESREG-02RegulationsHUMAN APPROVALSPERM-03PermissionsFAIL-CLOSED KERNELHELMCore execution authorityCPI • PEP • WASI SANDBOX • RECEIPTSAudit TrailsCrypto ProofsCompleted Actions
Inputs arrive as typed constraints, not raw execution.HELM enforces policy before any side-effect is allowed.Outputs exit as receipts and proofs that can be checked offline.
Input Surface

Policies, rules, approvals

Governance starts with typed constraints from policy files, regulatory rules, and human permission checkpoints.

Kernel Boundary

Deterministic execution

The core validates, policy-checks, executes in a sandbox, and fails closed whenever the boundary cannot prove it is safe.

Proof Surface

Artifacts anyone can inspect

Every action leaves an auditable trail: receipts, proof structures, and completed action records that survive outside the runtime.

快速开始

5分钟内部署

HELM与框架无关。

1
Clone the repo
$ git clone https://github.com/Mindburn-Labs/helm-oss.git
2
Build the kernel
$ cd helm-oss && go build ./cmd/helm-proxy
3
Start the proxy
$ ./helm-proxy --config config.yaml
4
Point your agent
$ export OPENAI_BASE_URL=http://localhost:8420/v1
Full quickstart guide
MCP ECOSYSTEM

Works with every MCP client

HELM is MCP-native. Any client that speaks the Model Context Protocol can use HELM as its execution authority — no adapters, no shims.

FRAMEWORK COMPATIBILITY

Framework-agnostic by design

Change one URL — every framework gets receipts, policy enforcement, and offline verification.

Full compatibility matrix
OSS ↔ HELM边界

什么是免费的。什么不是。为什么。

OSS使HELM成为默认运行时边界。HELM Enterprise在大规模时成为该边界的默认操作系统。

OPEN SOURCE

OSS Kernel

$0
ENTERPRISE

HELM Enterprise

Custom
  • 使用可撤销凭证的跨组织信任委托
  • 模型基准测试和成本优化分析
  • Salesforce、SAP、ServiceNow原生集成
  • 具有集中策略管理的多集群部署
  • SOC 2、HIPAA和ISO 27001合规自动化
  • 具有芯片级防篡改证据的TEE绑定执行
FAQ

Common questions

今天就部署治理

克隆仓库。运行合规套件。部署到生产。

在GitHub上查看 完整文档