Where OpenScope Fits

Use OpenScope when the system owner does not want the agent to ever hold the raw primitive.

Enterprise agent workflows

In enterprise environments, the biggest question is often not whether an agent can be governed. It is whether the agent ever receives the dangerous primitive at all. OpenScope is strongest where privileged actions must stay tightly bounded.

Production operations

Restart services, inspect approved logs, or run narrow remediation actions without exposing broad shell paths.

Internal admin APIs

Broker access to sensitive admin endpoints through predefined actions instead of broad API credentials.

Sensitive databases

Expose approved reads or carefully constrained operations without handing over raw database connectivity.

Finance and support actions

Broker actions like refunds, account adjustments, or support lookups through explicit, reviewable operations.

Local and personal workflows

OpenScope also fits local and personal workflows where the concern is broad host power. Instead of giving an agent raw Apple automation or shell-level access, OpenScope keeps those permissions in a broker on the host.

OpenClaw on macOS

Use brokered Notes and Mail actions instead of handing the agent raw automation access.

Sandboxed NemoClaw

Keep the broker on the host while a sandboxed client calls through a socket or HTTP bridge.

Protected Notes and Mail access

Constrain folders, mailboxes, and action surfaces so the agent gets a narrower, safer interface.

Brokered extensions

OpenScope is not limited to built-in local actions. The same broker model can be extended to HTTP-backed and SSH-backed operations while preserving the core trust boundary.

Jira over broker-owned HTTP profiles

Keep the Jira token in the broker and expose narrow actions such as get issue or search issues.

Scoped SSH service operations

Name specific targets and allowed services so the agent can request service status without broad shell access.

Custom app manifests

Define new app actions in YAML while preserving action-level policy and audit behavior.
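
The scoped SSH service operation described above, sketched as an added example: a broker-side check that maps a named target and service to one fixed command and produces an audit record. This is not OpenScope's code or manifest format; the policy layout, target names, hosts, and function names are assumptions made for illustration.

```python
import re

# Constructed policy with hypothetical targets; not OpenScope's manifest format.
POLICY = {
    "web-prod-1": {"host": "web1.internal.example", "services": {"nginx", "app-worker"}},
    "db-prod-1": {"host": "db1.internal.example", "services": {"postgresql"}},
}
# Names are plain tokens only. ssh joins remote arguments into one string for
# the remote shell, so metacharacters must be rejected before building argv.
NAME = re.compile(r"[a-z0-9][a-z0-9-]{0,62}")


class Denied(Exception):
    """Raised when a request falls outside the broker's policy."""


def build_status_argv(target, service):
    """Map an approved (target, service) pair to a fixed command line."""
    for value in (target, service):
        if not isinstance(value, str) or not NAME.fullmatch(value):
            raise Denied("malformed name")
    entry = POLICY.get(target)
    if entry is None:
        raise Denied("unknown target")
    if service not in entry["services"]:
        raise Denied("service not allowed on target")
    # Host comes from broker-owned policy, never from the agent's request.
    return ["ssh", "-o", "BatchMode=yes", entry["host"],
            "systemctl", "is-active", "--", service]


def handle_request(target, service):
    """Decide one request and return the audit record the broker would log."""
    record = {"action": "service_status", "target": target, "service": service}
    try:
        record["argv"] = build_status_argv(target, service)
        record["decision"] = "allow"
    except Denied as exc:
        record["decision"] = "deny"
        record["reason"] = str(exc)
    return record


if __name__ == "__main__":
    for req in [("web-prod-1", "nginx"), ("web-prod-1", "postgresql"),
                ("web-prod-1", "nginx;reboot")]:
        print(handle_request(*req))
```

The sketch stops at building the argv; a broker would run it without a shell, using an SSH key the agent never sees, and write every record, allowed or denied, to its audit log.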

Use gateways for broad governance. Use OpenScope where bypass resistance and key containment matter.

OpenScope is not a substitute for every governance tool. It is the layer for workflows where raw privileged access should disappear from the agent path. Many teams will use both: a gateway for traffic-plane governance and OpenScope for execution-plane containment.

Choose the stricter boundary when the stakes are higher

If the workflow should stay tightly bounded, OpenScope gives the agent approved capabilities without handing it the broad primitive underneath.