Fail-closed by construction.
Fail-closed Postgres RLS, S3 Object-Lock WORM, and an append-only audit chain — wired and tested before your first customer, not backfilled after your first audit.
```
$ psql -c "select * from invoices"
ERROR:  permission denied for table invoices
DETAIL:  RLS policy "tenant_isolation" forbids SELECT with no app.tenant set — fail-closed by default.
```
$ npx create-caisson@latest
The load-bearing infrastructure cheap boilerplates skip.
Happy-path starter kits get you a login screen. They do not get you through an audit. Retrofitting RLS, WORM storage, and an audit chain into a live multi-tenant database costs months. Start with them.
Prevention at the application layer — with the receipts.
Each control ships with a live artifact you can read, run, and hand to an auditor. No diagrams standing in for behaviour.
Postgres row-level security with FORCE — a query that never set the tenant context returns nothing, never everything. Cross-tenant isolation is a test in CI, not a convention you hope each developer remembers.
`ALTER TABLE invoices FORCE ROW LEVEL SECURITY;` · SOC 2 CC6.1 · HIPAA §164.312(a)(1)
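The fail-closed behaviour above rests on two things: the policy expression must evaluate to NULL (never true) when no tenant context is set, and the application must set that context in a way that cannot be injected into or leak across pooled connections. The following is an added example, not Caisson's code: the migration is carried as a string the way a Node migration file would ship it, and `withTenant()` assumes the `pg` client interface (`client.query(text, params)`). The `invoices` table, the `app.tenant` setting name and the `tenant_isolation` policy name come from the page; `makeRecordingClient()` is a constructed stand-in for a real connection so the block runs offline.

```javascript
// Added example (not Caisson's code): a fail-closed tenant context for Postgres RLS.

// Migration text as a Node project would ship it. Assumes invoices.tenant_id is a uuid.
const RLS_MIGRATION = `
ALTER TABLE invoices ENABLE ROW LEVEL SECURITY;
ALTER TABLE invoices FORCE ROW LEVEL SECURITY;   -- the table owner is not exempt either

-- current_setting(name, true) returns NULL instead of raising when the GUC is unset,
-- and nullif() turns a blank value (after RESET) into NULL as well. A comparison
-- against NULL is never true, so a session with no tenant context sees zero rows.
CREATE POLICY tenant_isolation ON invoices
  USING      (tenant_id = nullif(current_setting('app.tenant', true), '')::uuid)
  WITH CHECK (tenant_id = nullif(current_setting('app.tenant', true), '')::uuid);
`;

// Tenant ids are validated before any SQL is issued; anything else is refused.
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Run `work(client)` inside a transaction whose app.tenant setting is bound to one tenant.
async function withTenant(client, tenantId, work) {
  if (typeof tenantId !== 'string' || !UUID_RE.test(tenantId)) {
    throw new Error('withTenant: refusing to run without a valid tenant id');
  }
  await client.query('BEGIN');
  try {
    // set_config(..., is_local = true) is transaction-scoped, so the value is gone at
    // COMMIT/ROLLBACK and cannot follow the connection back into the pool. The tenant
    // id travels as a bind parameter, never interpolated into the statement text.
    await client.query("SELECT set_config('app.tenant', $1, true)", [tenantId]);
    const result = await work(client);
    await client.query('COMMIT');
    return result;
  } catch (err) {
    await client.query('ROLLBACK');
    throw err;
  }
}

// Constructed stand-in for a real `pg` client: records every statement it is asked
// to run so the sequence (BEGIN, set_config, work, COMMIT/ROLLBACK) can be inspected.
function makeRecordingClient() {
  const log = [];
  return {
    log,
    async query(text, params = []) {
      log.push({ text, params });
      return { rows: [] };
    },
  };
}

module.exports = { RLS_MIGRATION, withTenant, makeRecordingClient };
```

Any query issued outside `withTenant()` runs with no `app.tenant` set and, under the policy above, returns nothing; that is the property the page says the CI test asserts. Note that `SET LOCAL app.tenant = ...` cannot take a bind parameter, which is why `set_config()` is used here.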
S3 Object-Lock in compliance mode. Inside the retention window an evidence object cannot be overwritten or deleted — not by an application bug, not by an operator, not by a leaked root key.
`ObjectLockMode: COMPLIANCE · Retain: 7y` · SOC 2 CC7.2 · HIPAA §164.312(c)(1)
Every privileged action commits SHA-256 over the previous hash plus its own payload. Tampering with any historical row breaks every link after it — and the break is detectable, provable, and exportable.
`sha256(prev ‖ payload)` — verifyChain() over every row · SOC 2 CC7.2 · HIPAA §164.312(b)
One umbrella. No orphaned modules.
Compliance is the front door. Each edition is a composition of the same audited base — never a fork.
- Compliance: Fail-closed RLS, S3 WORM, append-only audit chain, per-tenant field encryption, and a SOC 2 / HIPAA evidence-pack generator. `ALTER TABLE evidence FORCE ROW LEVEL SECURITY;`
- AI Kit: The production-rigor layer cheap AI boilerplate skips: token metering, spend caps, a circuit breaker, an eval harness in CI, and guardrails. `eval gate: regression detected → CI fails`
- Local-first: Compute seam, privacy gate, and on-device vector search. Your data never leaves the device. Own the source. `egress: blocked at the privacy gate`
- Agentic-Dev: The governed-agent kernel: typed agent/skill/rule schema, a lifecycle state machine, and a hooks dispatcher. `agent · skill · rule — typed, validated, hooked`

Compose, don't fork.
Every edition draws from the same audited base. Modules differ by composition, never by a divergent copy.
| Module | Compliance | AI Kit | Local-first | Agentic-Dev |
|---|---|---|---|---|
| Fail-closed RLS | ||||
| WORM evidence store | — | — | — | |
| Append-only audit chain | — | |||
| Per-tenant field crypto | — | — | ||
| Evidence-pack generator | — | — | — | |
| Token metering · spend caps | — | — | — | |
| Eval harness in CI | — | — | ||
| On-device vector search | — | — | — | |
| Governed-agent kernel | — | — | — | |
| Price | from $1,299 | from $599 | from $499 | from $499 |
One-time perpetual unless marked /mo. See the full lineup
Every claim is a check in CI.
The proof is the pipeline: the controls are verified on every commit, and the run is green.
Caisson is built and supported by Liam at GridWork Digital — a named engineer, not a ticket queue. Every customer gets a direct line to the engineer who builds it.
The honesty boundary is fixed: Caisson ships the technical controls and generates the evidence. Your organizational controls and the audit itself remain yours — we never imply a certification we don’t hold.
Start audit-ready.
Scaffold the audited base in one command, then add the edition you need.
$ npx create-caisson@latest