Do you know what's running, where it's deployed, and what data it can access? GatekeeperAI gives your team a safe place to build and deploy internal AI tools — and gives security the visibility and control to say yes with confidence.
The problem today
Employees build AI tools on personal accounts, unknown APIs, and unreviewed code. Security has no visibility. One incident away from a breach.
With GatekeeperAI
Every AI app lives on your servers, goes through an automatic risk check, and needs security sign-off before it runs. Innovation stays — chaos doesn't.
Build, check, approve, deploy, log. Your team keeps moving — nothing unsafe gets through.
It doesn't matter if they're an engineer or not. They compress their app into a ZIP file and upload it directly in the browser — no technical setup required.
1. Click "Submit App"
2. Give it a name
3. Upload your .zip file
→ Scan started automaticallyBefore anyone sees it, the app is scanned for exposed passwords, sensitive data, insecure packages, and AI-specific risks. No manual review of code required.
✓ No hardcoded passwords
✓ No customer data exposed
⚠ One outdated package flagged
✓ No unusual data connections
Risk level: low — ready for reviewThe risk report lands in a simple review queue. One click to approve or send back with feedback. Approved apps deploy automatically — rejected ones don't run.
App: internal-hr-assistant
Risk: LOW | Findings: 1
Approved by: sarah@company.com ✓
Deployed to: internal networkOnce approved, the app is deployed automatically inside your network. No manual setup, no IT ticket. Users get a private URL they can open in any browser.
✓ App deployed successfully
Accessible at:
https://apps.internal/hr-assistant
Visible to: company network only
Status: runningEvery approval, deployment, and security event is recorded with a full audit trail. Forward logs automatically to Splunk, Datadog, AWS CloudWatch, or Grafana Loki.
{
"event": "app.approved",
"actor": "sarah@company.com",
"app": "internal-hr-assistant",
"risk": "low",
"timestamp": "2026-06-15T09:12:34Z",
"destination": "splunk, cloudwatch"
}A simple interface for every role — developer, reviewer, and admin.
Developer view
Submit an app, track scan progress, and see exactly what was flagged.
Approver queue
Review risk reports, apply decisions, and meet SLA deadlines.
Admin & deployment logs
Monitor all deployments and audit every platform event.
Stop choosing between speed and security. GatekeeperAI gives you both.
Every app lives on your own servers. No third-party cloud, no data sharing, no vendor access. Your team's work stays inside your walls.
Every app goes through a review before it runs. Your security team sees exactly what was built, approves it or sends it back — with a clear paper trail.
Clean apps get the green light automatically. Developers keep building fast — Gatekeeper just makes sure nothing risky slips through.
The moment an app is submitted, Gatekeeper checks it for leaked passwords, exposed customer data, insecure dependencies, and more — automatically.
Every submission, review, and deployment is logged. Forward security events to Splunk, Datadog, AWS CloudWatch, or Grafana Loki automatically — or keep everything on-prem.
Developers just zip their app folder and upload it in the browser. No SSH keys, no terminal, no configuration — anyone who can build an app can submit one.
Instead of AI tools scattered across personal laptops and random cloud accounts, your team has one secure home for everything they build.
Developers can ship a new version of a running app at any time. The new container starts before the old one stops — users never see an outage, and the URL never changes.
GatekeeperAI runs on any server in your building or private cloud. Pre-built images pull straight from GitHub — no compilation, no SaaS account, no data leaving your network.
$ git clone https://github.com/jacobthomasmichael/GatekeeperAI.git
$ cd GatekeeperAI && cp .env.example .env
$ docker compose -f infra/docker-compose.yml pull
$ docker compose -f infra/docker-compose.yml up -d
→ Open http://your-server:3000 to complete setup