What is Viewport
The control plane for declarative agent governance: policy, routing, human gates, workers, side effects, and receipts.
Viewport is the team control plane for agent work.
The agent writes, investigates, tests, and proposes. Viewport governs the work around the agent: why the work started, what policy applies, what the agent may touch, where it runs, who approves it, which side effects execute, and which receipts prove the result.
The Core Idea
Viewport turns agent governance into committed config:
.viewport/
policy.yaml
routes/
github-pr.yamlIn the app, these become an Automation. The route says which events use a
policy. The policy says what the agent may do. The server composes a governed
run. A Viewport-managed cloud runner or a self-hosted vpd worker executes the
allowed work and syncs receipts back.
The Launchable Loop
GitHub event
-> route match
-> git-backed policy
-> composed run
-> managed or self-hosted runner claim
-> brokered checkout
-> plan-only agent
-> human approval
-> implementation agent
-> bounded branch + PR
-> Slack completion
-> run detail + receiptsThis is the path the early-partner product optimizes for.
The Pieces
The server authorizes governed work. The runner executes authorized work. Transport is just how assignments and receipts move.
What A Policy Answers
| Question | Product object | What it controls |
|---|---|---|
| What is this end-to-end path? | Automation | Trigger, route, policy, worker, run proof |
| What starts it? | Route | GitHub event, Slack event, schedule, or manual trigger |
| What can it touch? | Repos and fences | Repos, paths, branches, checkout and publish authority |
| Who approves? | Gates | Plan review, engineering review, security review, timeout behavior |
| What runs? | Invoke | Agent, role, mode, notification target |
| What actions happen? | Provider actions | GitHub PR, Slack message, future ticket/docs actions |
| What proves it? | Receipts | Usage, approval, branch/commit, PR, Slack permalink, audit packet |
What Viewport Is Not
- Not another coding agent. Claude, Codex, custom agents, and scripts remain execution engines.
- Not a broad automation token. Worker identity, repo access, provider actions, model keys, and context writes are separate.
- Not a generic billing platform. Billing exists to enforce workspace spend limits, managed-runner pass-through, and hard caps.
- Not a runner-only product. Managed cloud runners and self-hosted
vpdworkers are execution choices under the same governance layer. - Not compliance-grade tamper evidence yet. Receipts exist. Do not claim control-plane-blind or forgery-proof audit until the signing work is complete.