Live on AWS — evaluating code in real time

AI Governance for
Development Teams

Joplin lives in the AI context window. Your compliance rules are already there — no plugins, no wrappers, no extra work.

The audit trail is written directly into the code. Developers don't do anything extra.

Try the live demo → Request a demo
3-tier
Constitution → Rules → Guidelines
< 5s
Evaluation time per diff
100%
Tamper-evident audit trail

How it works

Joplin COS sits between your developers and your codebase, enforcing governance without slowing anyone down.

1

Define your rules

Write your compliance rules as Markdown across three tiers — Constitution, Laws, and Guidelines. Joplin indexes them automatically.

2

Evaluate every change

Every git commit or CI/CD pipeline run sends the diff to Joplin. Claude evaluates it against your rules and returns a verdict in seconds.

3

Audit trail — zero developer effort

Every approved change gets a permanent JOPR reference ID written directly into the code. No copy-paste, no manual logging. The record is just there.

Built for enterprise compliance

🛡️

Tier 0 — Provider Policy Guard

Checks every diff against Anthropic, Google, OpenAI, and Mistral usage policies before evaluation. Blocks policy violations at the gate.

⚖️

Three-tier constitution

Tier 1 Constitution, Tier 2 Rules, Tier 3 Guidelines — each with its own authority level, approval workflow, and escalation path.

📋

Compliance reports

Generate SOC 2 Type II and EU AI Act conformity packages on demand. Evidence automatically gathered from your audit trail.

🔗

CI/CD integration

REST API endpoint accepts any git diff and returns a structured JSON verdict. Drop it into GitHub Actions, GitLab CI, or Jenkins in minutes.

💻

Works with VS Code + GitHub Copilot

Joplin lives in the context window — no extension needed. Your rules are already there when Copilot, Claude, or any AI assistant generates code.

🔒

Tamper-evident audit log

Hash-chained audit trail. Every evaluation is cryptographically linked to the previous one — deletion or modification is detectable.

📬

Governance escalation

Scribe tickets route rule change requests to the right approver — CIO, Lead, or Developer — with email notifications and one-click approval.

Live demo

Joplin loads your compliance rules into the AI context window. The AI already knows what's allowed.

No additional work needed.

AI Context Window ● Joplin active
system — injected by Joplin COS
[JOPLIN GOVERNANCE CONTEXT]
Tier 1 — Constitution (immutable)
AI-generated code MUST NOT introduce authentication bypasses or backdoors
All user data operations MUST use parameterized queries — string concatenation is prohibited
Cryptographic operations MUST use approved algorithms: AES-256, RSA-2048+, SHA-256+
Tier 2 — Enforceable Rules
MD5 and SHA-1 MUST NOT be used for any security-sensitive hashing
Hardcoded credentials, tokens, or secrets MUST NOT appear in source code
All external inputs MUST be validated before use in database queries or system calls
Tier 3 — Guidelines
Prefer bcrypt or argon2 for password hashing
Log all authentication events with timestamp and IP address
user — chat to AI
Try:
author:

Evaluated by Claude against MissionControl governance rules — live on AWS

Ready to govern your codebase?

Joplin COS is available for enterprise teams. Get in touch to discuss your compliance requirements.

Request access