Skip to content
Production · api.brainstormrouter.com

Active Directory
for AI agents

Every agent needs an identity, a budget, and a kill switch. BrainstormRouter is the governance runtime for autonomous AI workforces — and the intelligence layer that makes Brainstorm CLI smarter with every request.

An AI gateway is a security appliance, not an infrastructure tool.

DocumentationQuick Start

362

Model Endpoints

30+

Providers

<5ms

p95 Latency

13

Intelligence Systems

168+

API Routes

65

MCP Tools

/ The Thesis(01)

80% of the Fortune 500 run AI agents in production. Fewer than 22% govern them.

The threat model isn't hypothetical. Semantic Lateral Movement: a compromised agent uses legitimate credentials to instruct peer agents to execute malicious actions. Traditional firewalls can't see it. API gateways can't stop it. You need intent inspection on the semantic layer.

BrainstormRouter applies the Cloudflare playbook to the semantic layer — developer adoption through easy integration (OpenAI-compatible), CISO control through governance enforcement (identity, authorization, evidence). Every request inspected. Every decision recorded. Every agent accountable.

Identity

SPIFFE Ephemeral Certificates

Every agent gets a unique mTLS cert that expires in 5 minutes. No static API keys. No shared secrets. Cryptographic proof of identity on every request.

Authorization

Semantic RBAC

Policies compiled from natural-language job descriptions into crypto-bound enforcement rules. What the agent is allowed to do — enforced at the token level.

Evidence

Cryptographic Audit Trail

Every decision signed and stored. Full reconstructability per agent at any point in time. Export to CEF/ECS JSON for compliance.

/ Streaming Guardrails(02)

The only gateway that inspects content mid-flight

Every other AI gateway inspects content after the full response arrives. By then, the PII is already on the client. The injection has already executed. BrainstormRouter inspects every token as it streams — and can redact, replace, or terminate the stream before sensitive data ever reaches the wire.

Unique in market — no other gateway offers streaming content guardrails

PII Detection

Regex + pluggable scanner. SSN, credit cards, emails, phone numbers — redacted token-by-token before they stream to the client.

Prompt Injection

7+ detection patterns. Identifies injection attempts in both prompts and model outputs. Blocks before execution.

Jailbreak Defense

Pattern-based jailbreak detection across known attack vectors. Updates from community threat intelligence.

Content Filtering

Toxicity scoring, keyword + LLM-based content filtering. Configurable thresholds per agent, per use case.

Synthetic Refusal

On violation, injects a natural refusal into the stream. The client sees a coherent decline, not an error.

Tool Call Firewall

Semantic intent analysis on every tool call. Blocks malicious tool usage even when the tool name looks legitimate.

/ Cryptography(03)

Post-quantum ready. Today.

The Brainstorm ecosystem uses AES-256-GCM for symmetric encryption and Argon2id for key derivation — both quantum-resistant. The CLI's encrypted vaultprotects secrets locally. The Router's SPIFFE CA issues certificates with cryptographic agility built in — ready for NIST post-quantum standards.

The evidence ledger uses cryptographic signatures that can be verified independently. Every routing decision, every guardrail trigger, every budget action — signed and immutable. Not for theater. For compliance teams that need to prove what happened and when.

CLI Vault

AES-256-GCM + Argon2id

Local secret encryption with 1Password bridge

Agent Identity

SPIFFE mTLS (X.509)

5-min ephemeral certs, crypto-agile for PQC migration

Evidence Ledger

Cryptographic signatures

Tamper-proof audit trail, exportable to CEF/ECS

Semantic Cache

pgvector cosine similarity

Embedding-based dedup at 90% threshold

Trust Degradation

6-signal reputation score

Full Trust → Degraded → Restricted → Quarantined

/ Intelligence Systems(04)

13 production-wired systems that learn, adapt, and enforce. Every request flows through the full pipeline in under 5 milliseconds. Each system feeds data to the others — and to BrainstormLLM for trajectory-based learning.

Thompson Sampling

UCB1 for cold-start, Gaussian Thompson for steady state. 7-day rolling Welford accumulators learn optimal model per task.

Semantic Cache

pgvector + in-memory hybrid. 90% cosine similarity threshold. Saves redundant API calls — you pay once, hit cache forever.

Budget Forecasting

Predicts spend depletion ETA. 5-level degradation ladder auto-reduces quality before limits are breached — never an unexpected bill.

Streaming Guardrails

Token-by-token content inspection during streaming. PII redaction, injection defense, toxicity filtering — all mid-flight, before tokens reach the client.

Semantic Tool Firewall

Deep intent inspection on every tool call. Analyzes what the tool actually does, not just its name. Blocks semantic lateral movement.

SPIFFE Identity

5-minute ephemeral mTLS certificates per agent. No static API keys. Unique cryptographic identity. Post-quantum ready.

Quality Scoring

Tier 1 heuristic (100% requests) + Tier 2 LLM judge (10% sampled). Tool call success tracking. Context utilization scoring.

Circuit Breaker

Isolates failing provider endpoints. Auto-recovers when health returns. Prevents cascade failures across 30+ providers.

Evidence Ledger

Cryptographically signed record of every decision. Who acted, what policy, what cost. Full reconstructability per agent at any point in time.

4-Block Memory (RMM)

Core facts, archival, sleep-time extraction, semantic retrieval. Postgres-backed with pgvector. Persistent across all sessions.

Cost-Quality Frontier

Finds the Pareto-optimal price/quality tradeoff per task type. Visualized in dashboard. Auto-selects the sweet spot.

Pattern Fingerprinting

Classifies requests into ~500 patterns. Per-pattern × model performance tracking. Feeds into Thompson sampling reward signal.

Agent Reputation

6-signal scoring drives rate limits, timeouts, and trust level. Graduated degradation: Full Trust → Degraded → Restricted → Quarantined.

/ Powers Everything(05)

Every agent in every platform runs through the Router

Brainstorm CLIis Router's first and best client. Every task routed. Every outcome tracked. Every trajectory captured for BrainstormLLM training. The production platforms are the proof.

BrainstormMSP

37 agents

Autonomous MDR. Every security decision routed, governed, and evidence-logged.

Brainstorm-GTM

70 agents

Autonomous go-to-market. Budget-controlled per campaign. Degradation ladder prevents overspend.

Peer10

35 services

Youth sports platform. CLI routes all code tasks through Router intelligence.

Lead Network

33 domains

Autonomous acquisition. Router handles model selection for 7 different vertical contexts.

/ Integration(06)

OpenAI-Compatible API

Drop-in replacement. Change your base URL and you're done. Works with LangChain, LlamaIndex, CrewAI, Vercel AI SDK, and any OpenAI-compatible client. Every response includes intelligence headers: quality score, route reason, cache status, guardrail summary.

api.brainstormrouter.com

// Just change the base URL

const client = new OpenAI({

baseURL: 'https://api.brainstormrouter.com/v1',

apiKey: process.env.BR_API_KEY,

});

 

// Response includes intelligence headers:

// X-BR-Quality-Score: 0.87

// X-BR-Route-Reason: thompson-sampling

// X-BR-Cache: miss

// X-BR-Guardrail-Summary: pass

// X-BR-Actual-Cost: 0.0034

MCP Gateway

65 MCP tools for agent-native discovery. Routing, memory, governance, budget, security, approvals, and admin — all accessible through the Model Context Protocol. Your agents can query their own reputation, check their budget, and request permission escalation.

SDKs

  • npm install @brainstormrouter/sdk — TypeScript
  • pip install brainstormrouter — Python
  • npm install @brainstormrouter/cli — CLI

Integrates with: LangChain, LlamaIndex, CrewAI, Vercel AI SDK, and any OpenAI-compatible client.

/ The Flywheel(07)

Every request makes the system smarter

CLIRouterEvery task classified and routed through the intelligence pipeline
RouterProviders362 endpoints across 30+ providers. Best model selected via Thompson sampling.
OutcomeRouterSuccess/failure, cost, latency, quality score — all fed back into model rankings
TrajectoryLLMFull session trajectory captured. Trains BrainstormLLM to predict optimal phase plans.
LLMRouterONNX predictor deployed. Sub-2ms inference improves routing before the model even sees the prompt.

Ready to govern your AI agents?

Start free. No credit card required. All 13 intelligence systems, streaming guardrails, and SPIFFE identity included.

Get StartedTry the CLI firstTalk to Sales