Wardary

Governance & Audit

Control which models run, with what context — and prove it

Governance you can enforce, not just hope for. Wardary applies the allow-list and org context server-side, then records every prompt in an immutable trail you fully own.

Request a demo

Model allow-list

Decide exactly which models your org may use

Choose the providers and models on your allow-list and whether end users may pick within it. A request for a disallowed model is rejected at the server — not merely hidden in the UI.

  • OpenAI, Anthropic, and Google in v1
  • Per-model configuration and enablement
  • allow_user_model_selection toggle: users pick, or the org decides
  • The allow-list encodes each provider's data-processing posture

Prepend context

Apply standing org instructions to every prompt

Inject your organization's guardrails and standing context into every outbound prompt as a system-level message — versioned, with each audit record referencing the version that applied.

  • System-level injection, not user text
  • Versioned, with a visible_to_users toggle
  • Each prompt log references the context version used
  • Enforced server-side on every request
The compliance guarantee

One immutable record for every prompt

No prompt is ever un-logged. Each one writes exactly one append-only record — even on blocked or error paths — with immutability enforced at the database, not in middleware.

  • Requested vs. resolved provider and model
  • Which redactions applied, and why
  • How the model was chosen (user, rule, or default)
  • Tokens in/out, estimated cost, and latency
prompt_log · append-only
statusredacted
modelanthropic / claude
selection_modedefault
redactions2 spans · SSN, NAME
tokens1,204 in · 842 out
est_cost$0.018

Total cost

$1,284

Total tokens

85.2M

Avg / 1K

$0.015

Top model

Claude

Usage & cost

See spend by user and by model

Every audit record carries token counts and an estimated cost — kept even under bring-your-own-key — so you can report usage by user and by model over time, understand spend, and show leadership that AI use is both governed and accountable.

Hard budget enforcement is on the roadmap; v1 meters and reports so the data is already there when it lands.

On the roadmap

Contextual routing, when you need it

A rule-based routing engine — match a prompt by topic, keyword, regex, or tag and send it to a designated model, with the option to enforce that destination over user choice — is designed and sequenced as a post-validation release. We're candid that routing and logging are commoditized; redaction and audit are the value, so they ship first.

Resolution order

enforced rule → user selection → org default

An enforce rule is a guardrail that can't be overridden from the UI, and no rule can route to a disallowed model.

Enforce toggle Allow-list validatedRecorded in the audit