Live on AWS — evaluating code in real time

AI Governance for
Development Teams

Joplin lives in the AI context window. Your compliance rules are already there — no plugins, no wrappers, no extra work.

The audit trail is written directly into the code. Developers don't do anything extra.

Try the live demo → Request a demo
3-tier
Constitution → Rules → Guidelines
< 5s
Evaluation time per diff
100%
Tamper-evident audit trail

How it works

Joplin COS sits between your developers and your codebase, enforcing governance without slowing anyone down.

1

Define your rules

Write your compliance rules as Markdown across three tiers — Constitution, Laws, and Guidelines. Joplin indexes them automatically.

2

Evaluate every change

Every git commit or CI/CD pipeline run sends the diff to Joplin. Claude evaluates it against your rules and returns a verdict in seconds.

3

Audit trail — zero developer effort

Every approved change gets a permanent JOPR reference ID written directly into the code. No copy-paste, no manual logging. The record is just there.

Built for enterprise compliance

🛡️

Tier 0 — Provider Policy Guard

Checks every diff against Anthropic, Google, OpenAI, and Mistral usage policies before evaluation. Blocks policy violations at the gate.

⚖️

Three-tier constitution

Tier 1 Constitution, Tier 2 Rules, Tier 3 Guidelines — each with its own authority level, approval workflow, and escalation path.

📋

Compliance reports

Generate SOC 2 Type II and EU AI Act conformity packages on demand. Evidence automatically gathered from your audit trail.

🔗

CI/CD integration

REST API endpoint accepts any git diff and returns a structured JSON verdict. Drop it into GitHub Actions, GitLab CI, or Jenkins in minutes.

💻

Works with VS Code + GitHub Copilot

Joplin lives in the context window — no extension needed. Your rules are already there when Copilot, Claude, or any AI assistant generates code.

🔒

Tamper-evident audit log

Hash-chained audit trail. Every evaluation is cryptographically linked to the previous one — deletion or modification is detectable.

📬

Governance escalation

Scribe tickets route rule change requests to the right approver — CIO, Lead, or Developer — with email notifications and one-click approval.

Live demo

Joplin loads your compliance rules into the AI context window. The AI already knows what's allowed.

No additional work needed.

AI Context Window ● Joplin active
system — injected by Joplin COS
user — chat to AI
author:

Evaluated by Claude against real governance rules — live on AWS

Pricing

Self-hosted on your own infrastructure. You bring your own Anthropic API key — AI evaluation costs go directly to Anthropic, no markup.

One HIPAA violation costs $50,000–$1.9M in fines. Joplin pays for itself on the first near-miss.

Startup
$199/mo
Billed annually — $239/mo month-to-month
  • Up to 5 developers
  • 1 project / codebase
  • Pre-commit hook + CI/CD API
  • SOC 2 evidence package
  • Tamper-evident audit trail
  • Bring your own API key
  • Compliance profile reports
  • Multi-project support
Get started →
Most popular
Team
$499/mo
Billed annually — $599/mo month-to-month
  • Up to 20 developers
  • Up to 5 projects
  • Pre-commit hook + CI/CD API
  • All compliance reports — SOC 2, EU AI Act, HIPAA, GDPR
  • Tamper-evident audit trail
  • Bring your own API key
  • Scribe governance workflow
  • Email escalation alerts
Get started →
Enterprise
Custom
Volume pricing — contact us
  • Unlimited developers
  • Unlimited projects
  • Everything in Team
  • Multi-tenant org isolation
  • Private cloud or on-premise deploy
  • SLA + dedicated support
  • Custom compliance profiles
  • Attorney-reviewed rule sets
Contact us →
Bring your own API key — always

Joplin uses your Anthropic (or Google Gemini) API key for evaluations. AI costs go directly to the provider at their published rates — typically $0.01–0.03 per evaluation with Claude Sonnet. No usage markup, no surprise bills from us.

Ready to govern your codebase?

Joplin COS is available for enterprise teams. Get in touch to discuss your compliance requirements.

Request access