← Back to home
Draft — this is a baseline overview for evaluation. Review with security and legal counsel before relying on it contractually.

Security overview

Last updated: 27 June 2026 · Questions: team@kelhe.com

What Kelhe does

Kelhe is a hosted runtime risk engine. When you wrap a tool with guard(), each tool call your agent makes is sent to Kelhe's scoring API before it executes. Kelhe returns a risk score and a decision — allow, hold for a human, or block. Kelhe sits on the path of these actions, so it is designed to be trusted there.

Data we receive

To score a tool call, the SDK sends only what is needed to make a decision:

  • The tool name and its arguments
  • Relevant conversation or task context you choose to include
  • Your configuration (mode, risk threshold, environment)

You control what is sent and what is redacted before it leaves your environment. We recommend redacting secrets and unnecessary personal data at the wrapper.

How data is handled

  • Encrypted in transit. All API traffic uses TLS.
  • Not used to train models. Your tool calls and context are used to return a decision, never to train models.
  • Data minimization. We process only the context required to score a call.
  • Retention. Decision records and audit logs are retained for your account's configured period; retention windows and deletion requests are covered in the DPA.

Availability & fail-safe behavior

Failure behavior is configurable per environment. Choose fail-open (proceed if scoring is unavailable) or fail-closed (block until a decision is returned), so availability always matches your risk tolerance. Enterprise agreements include uptime and latency SLAs.

Audit & monitoring

Every score, decision, and reason is recorded and queryable, and can be exported to Splunk or your SIEM. Held actions can be routed to your approval and on-call workflows.

Access control

SSO/SAML and role-based policies (per team, environment, and tool) are available for enterprise. Internal access to customer data is restricted on a least-privilege basis.

Sub-processors

Kelhe relies on a small set of infrastructure sub-processors to operate the service. A current list is available on request and maintained in the DPA.

Deployment & data residency

Region pinning and private connectivity options are available for enterprise agreements. Contact us to discuss specific residency requirements.

Framework alignment

Kelhe is designed to support the controls common AI-governance frameworks ask for. It maps to these standards; it is not itself a certification.

  • NIST AI RMF. Independent runtime measurement and management of agent actions — every call is scored, decided, and recorded (Measure and Manage functions).
  • OWASP LLM Top 10 — LLM06 Excessive Agency. Enforces least-privilege on tool use by scoring and gating high-consequence actions before they execute.
  • EU AI Act. Provides demonstrable human oversight of consequential actions through hold-for-human approval and a complete decision record.
  • ISO/IEC 42001. Supports an AI management system with an auditable, exportable record of every decision and its reason.

Incident response & status

We operate a defined process for triaging and responding to security incidents and will notify affected customers without undue delay, consistent with the DPA. As a private-beta service, we onboard teams individually and share current operational and security status on request; status-page and formal notification commitments are part of enterprise agreements.

Compliance status

  • SOC 2 Type II — in progress
  • GDPR-aligned; DPA available on request
  • Data-minimization by design

Reporting a vulnerability

We welcome responsible disclosure. Please report suspected vulnerabilities to team@kelhe.com and allow us reasonable time to respond before public disclosure.

Contact

Security questions, documentation requests, and DPA requests: team@kelhe.com.