Execution decision layer
AI can be right — and still trigger the wrong action.
Zorelan evaluates proposed AI actions against your policy and returns ALLOW, REVIEW, or BLOCK — before anything hits your backend.
No signup required to try the demo.
Zorelan BLOCKED it ✅
Zorelan runs after model generation and before execution. It does not replace your models — it decides whether their proposed actions are safe to run.
Correct-sounding reply. Unsafe action.
“I have issued your full refund of $180.”
{
"type": "refund_customer",
"parameters": { "amount": 180, "currency": "AUD" },
"reversible": false,
"context": { "order_status": "delivery_unconfirmed" }
}- auto_allow_limit: $100 AUD
- absolute_review_limit: $1,000 AUD
- require_delivery_confirmation_above_auto_allow_limit: true
Refund of $180 is above the policy's auto-allow limit ($100) and delivery is not confirmed.
delivery_confirmed — required for refunds above the auto-allow limit.
Block execution. Request delivery confirmation, then re-evaluate.
See the full interactive flow in the structured demo →
One call, before the action runs
Send the proposed action and the policy it must satisfy. Branch on the verdict.
const decision = await zorelan.evaluateAction({
user_request,
model_output,
proposed_action,
policy,
});
if (decision.verdict === "ALLOW") executeAction();
if (decision.verdict === "REVIEW") routeToHumanReview();
if (decision.verdict === "BLOCK") blockExecution();Gate execution on decision.verdict. Full reference in the API docs →
Typed refund enforcement
For refunds, Zorelan enforces your typed policy.controls.refund (limits and confirmation) and returns ALLOW, REVIEW, or BLOCK — a repeatable check, not a model guess.
Honest policy matches
A refund decision cites the typed controls it actually applied. Free-text rules are explanatory context only and are never presented as enforced.
Missing-context detection
When a decision depends on information you did not send (such as delivery confirmation), Zorelan surfaces it as missing context instead of guessing.
Fail-safe by default
Account deletion returns BLOCK or REVIEW; subscription and CRM changes, and unknown actions, route to human REVIEW. No action is auto-approved on a caller-supplied boolean alone.
Prompt verification (multi-model comparison and trust score) remains available separately as the legacy /v1/decision path. The execution gate above does not rely on multi-model arbitration today.