Published report
OpenClaw 2026: governed vs ungoverned agent behavior in a controlled run
A controlled comparison showing what changes when the system moves from prompt-only constraints to enforceable tool-boundary control with evidence capture.
CAISI
Independent research and operating notes on AI agent governance.
CAISI / Research + Operating Notes
Centre for AI Security and Integrity
CAISI is an independent research and publishing site focused on AI agent governance. We publish reproducible case studies, artifact-backed reports, and operating notes for AppSec, platform, and engineering leaders who need to understand how agent systems behave once they can change real state. The site is organized around one rule: control claims should be measurable, not rhetorical. Research pages link headline numbers to published artifacts and deterministic queries. Blog collections explain the operating model behind those findings, including execution boundaries, approval mediation, proof quality, and safe AI adoption in delivery workflows.
Control before execution
Deterministic validation
Proof over narrative
About
Research that can be checked
We at CAISI publish independent, reproducible research on AI agent governance. Every headline claim is backed by machine-generated artifacts, deterministic queries, and open methodology. The point is not to add more rhetoric to the market. The point is to make the control problem visible and measurable.
Use the research hub when you want the primary artifact, the claims, and the study framing. Use the blog when you want the operating implications: repo contracts, orchestration, isolation, evaluation, discovery, policy, and proof of work for AI-generated change.
Research
Published reports and live builds
The research hub is the canonical entry point for report pages, methodology, and artifact-backed findings.
Published report
AI Tool and Agent Sprawl 2026
An `890`-target publication subset showing that public AI and agent adoption is easy to detect, but approved, deployable, and well-evidenced use is much harder to prove.
Blog
Collection-based operating notes
The blog is organized as a set of collections with clear jobs: one framework series, one executive adoption series, two report interpretation series, one benchmark series, two implementation series, plus a field guide and glossary.
Executive adoption series
From AI Pilots to Governed Adoption
Five posts on platform standards, sanctioned pathways, approval discipline, and how leaders move from AI pilots to governed use.
Framework series
AI Engineering Operating Notes
A 10-part framework on repo contracts, orchestration, isolation, evaluation, proof, and maturity.
Case-study series
What OpenClaw Taught Us About Agent Control
Four posts on stop behavior, discovery limits, boundary enforcement, and scope discipline.
Report series
What the Sprawl Report Means for Security and Platform Leaders
Four posts on approval opacity, evidence posture, deployability, and how to read public AI adoption data without overclaiming.
Benchmark series
How to Evaluate Agentic Control
Five posts on risk scenarios, control efficacy, proof completeness, and pilot evaluation language for buyers.
Implementation series
Invisible Write Paths
Discovery across local setup, repos, MCP configs, CI workflows, and the evidence layer security can defend.
Implementation series
Policy Before Action
Tool-boundary policy, MCP enforcement, signed traces, and deterministic regressions in CI.
Reference
Field guide, glossary, and author profile
These reference pages are separate from the series collections. Use them when you want one entry point to the CAISI vocabulary, the core governance concepts, or the author context behind the essays.
Team
CAISI contributors
Contact
Get in touch
For research questions, publication inquiries, or collaboration around reproducible AI governance work: research@caisi.dev