MANUAL · PROLOGUE
policy first.
execution second.
LumenFlow Cloud governs agent work by deciding what is allowed, where approval is required, and how evidence is retained while the work is happening.
Define what agents are allowed to touch
Policies, scope, and quality gates narrow the surface area before work begins so the control plane is enforcing rules, not just requesting good behavior.
Route risky actions through approval
Agents can continue quickly on routine work, but higher-risk changes pause behind human sign-off instead of slipping through unnoticed.
Capture evidence while work is happening
Receipts, traces, and state transitions accumulate as execution unfolds, giving teams a truthful explanation of what happened and why.
Export, inspect, and improve
Operators can review evidence, export records, and tighten policy or process over time instead of treating every run like a fresh black box.
Every important decision
should be legible.
Teams need more than a successful run. They need to know why a change was allowed, what evidence was attached, and whether a person was asked to approve it along the way.
Cloud does not replace the kernel.
The hosted control plane and the enforcement layer work together. That split is what gives teams both day-to-day usability and a believable governance story.
Kernel
The local enforcement layer evaluates scopes and policy decisions during tool use.
Cloud
The hosted control plane distributes policy, coordinates approvals, and stores evidence for teams.
Governed surfaces
Work surfaces like Sidekick stay useful, but they operate inside the same rule system instead of defining the category on their own.
Want the hosted control-plane view?
Start with Cloud to understand policies, approvals, evidence, and exports. Then explore Sidekick as one governed surface inside that system.