Pan & PULSAR — the chamber, watching your six

JourdanLabs × GT 2026 · #6.1 — The Original Problem Statement · Internal preview

AI at scale has one disease. We built the cure — and it runs.

Pick any theme — secure design, embedded AI, outcomes, simplification, employee experience. Underneath all of them is the same failure: AI and agents now produce output, take actions, and reach systems faster than anyone can verify. There is no substrate that makes that output provable— grounded in real evidence, refused when it can't be, and recorded on a tamper-evident trail.

COSMIC is that substrate. Deterministic — same input, same verdict, reproducible in any audit. Every decision cites its evidence or is refused. Every refusal lands on a hash-chained record. Zero runtime LLM calls in the decision path, so it cannot be talked out of a “no.” Below are six of its gates — each pointed at a decision the firm cannot afford to get wrong. All six run live. Click any one.

The 90-second judge path

HEIMDALL — paste a $2.4M auto-wire with no approver. It refuses. Add a named approver → it escalates to a human. It never authorizes.
Any other proof — the same engine, a different high-consequence surface.
Run the same packet twice — identical verdict, identical hash. That's how you know it isn't an LLM.
That's the cure: provable, refusable, auditable — under every theme at once.

Six gates. One substrate. Every one live.

Not six products — one deterministic refusal gate, pointed at six places a wrong call is unrecoverable.

HEIMDALL● LIVE

Irreversible actions

A $2.4M auto-wire, a prod-table delete, a deploy. It refuses, or escalates to a named human. There is no AUTHORIZE verdict in the engine — the human stays the trigger.

Open it live →

WARDEN● LIVE

Autonomous agents

No agent runs unbound. A signed identity and a capability allowlist enforced at call time — or it is refused before it touches a tool.

Open it live →

CUSTODIAN● LIVE

Sensitive-data egress

Classifies PII / PCI / MNPI, detects egress past the firm's perimeter, and refuses an uncontrolled export — no encryption, no need-to-know, no exit.

Open it live →

SUNSET● LIVE

Retiring legacy systems

Refuses to decommission anything still serving traffic or still depended on. A go / no-go gate that names the dependents, the owner, and the rollback.

Open it live →

ASSAY● LIVE

Shipping AI models

Refuses a model reaching production without evaluation, fairness testing, monitoring, a rollback path, and a model card. Responsible-AI release, enforced.

Open it live →

HERALD● LIVE

Executive reporting

Refuses any claim without a source, an as-of date, and a verifiable receipt. Every line cites its proof — or it gets cut before it reaches the cabinet.

Open it live →

🔒 Every verdict carries a receipt— deterministic · 0 runtime LLM calls · same input → same verdict + same hash, every run · corpus-sealed · tamper-evident. Re-run it yourself; it won't budge.

It reads negation — not keywords.

The cheap version of this is if packet contains "wire" → refuse. A string-matcher gets fooled both directions. These don't — same engine, verified live on the API.

CUSTODIAN

“…contains no PII, no PCI, and no secrets…”

Negation doesn’t buy a pass — egress + residency are still flagged. It won’t wave through a leak just because the words “no PII” appear.

→ HOLD

HEIMDALL

“the agent will NOT wire money, cannot delete, no deploy”

It reads “will not” and stands down — instead of seeing the word “wire” and false-refusing a harmless read.

→ HOLD — not the edge

HERALD

“revenue grew 12% as of Q2 2026 per the ledger (receipt sha256…)”

Cited claims pass. It isn’t a blanket refuser — it refuses what can’t be proven, and clears what can.

→ GROUNDED

Same engine, both directions: it won't pass "no PII" as clean, and it won't refuse "will not wire" as a wire. That's reading the sentence — not scanning for a word.

Why #6.1 wins

Impact & Value

The failure under every GT theme — fixed once, at the surfaces where a wrong call can't be undone.

Feasibility

It already runs. Six live engines, click-and-it-refuses. We demo, not diagram.

Theme alignment

Not one square — the disease under all of them, with the cure shown six ways.

Innovation

Provable, refusal-grounded governance with zero LLM in the decision path — net-new.

We don't guess. We prove — or we say plainly we can't. 🐦‍⬛ + 🔑