VINCHI — AI Agent Manager

Agents

Each agent, individually — what it does, owner, recent activity.

Risk

Email Agent · Inbox

Approvals

Human-in-the-loop for outbound — the agent drafts, you approve before it sends. Human-in-the-loop — every risky action waits here for your decision.

Pending approvals — actions your agents are waiting to take

Prove it can't be faked

Three steps. The tamper step runs the real Ed25519 + hash-chain verifier on a throwaway in-memory copy — your audit data is never touched.

1

Verify

Confirm every record is Ed25519-signed & hash-chained.

→

2

Tamper

Simulate editing one record — runs the real verifier, persists nothing.

→

3

Restore

Bring the chain back to its true, verified state.

Start with Step 1 — verify the live chain.

Audit trail

Tamper-evident · hash-chained + Ed25519

Agent From To

	Timestamp	Agent	Action	Triggered by	Approved by	Status

Compliance · EU AI Act

Designed to support documentation requirements (Art. 26.6)

Gap score: Audit-ready Live · derived from this org's agents & audit chain

✓

Named owners

Every agent has an accountable human owner — –.

Complete

✓

Tamper-evident audit

Append-only, hash-chained & Ed25519-signed — edits are detectable by anyone with the public key.

Active

✓

Human-in-the-loop on risky actions

Policy gate holds high-risk actions for explicit human approval before execution.

Enforced

✓

Audit-log retention

Records are append-only & immutable — every event is preserved with its hash and signature.

Immutable

✓

Regulator export

Signed CSV/JSON envelope, verifiable offline — .

Ready

Designed to support the documentation requirements of the EU AI Act (Art. 26.6). This is not a certification of compliance and offers no compliance guarantee. Informational — not legal advice.

Policy templates

Click-to-enable governance rules — enforced on every agent action

Custom rules

Build your own IF → THEN gates beyond the templates

IF over THEN

ISO/IEC 42001 readiness

AI Management System — complements the EU AI Act

ISO/IEC 42001 is the international standard for an AI Management System (AIMS). It overlaps heavily with EU AI Act documentation duties — the controls you already run here map onto several of its requirements.

✓

AI inventory (Clause 8 — operational planning)

Every agent is registered with owner, platform, model and risk level.

Mapped

✓

Roles & responsibilities (Clause 5)

Named accountable owner per agent — no owner, no action.

Mapped

✓

Operational controls (Clause 8)

Policy templates + approval gates hold risky actions for human review.

Mapped

✓

Monitoring & records (Clause 9)

Tamper-evident audit trail + exportable evidence for review.

Mapped

Supports preparation toward ISO/IEC 42001. Not a certification or audit; certification is issued only by an accredited body. Informational — not legal advice.

Ask VINCHI

Your AI assistant — agents, audit, approvals, or anything else

Team chat

Chat with your team — mention @VINCHI to bring her in Sign in to invite

Team chat opens once you create or join a real project.

Impressum & Datenschutz

DE — Rechtliche Angaben (Entwurf)

ENTWURF / PLATZHALTER. Vom Betreiber gemeinsam mit Steuerberater/Anwalt zu vervollständigen, bevor das Angebot öffentlich genutzt wird. Keine Rechtsberatung.

Impressum (Angaben gemäß § 5 TMG)

Betreiber / Diensteanbieter: [BETREIBER — Firmenname / juristische Person]
Anschrift: [Straße Nr.], [PLZ Ort], [Land]
Vertreten durch: [Geschäftsführer / verantwortliche Person]
Kontakt: E-Mail [kontakt@…] · Telefon [optional]
Registereintrag: [Amtsgericht / HRB-Nr. — falls vorhanden]
USt-IdNr. (§ 27a UStG): [DE… — falls vorhanden]
Verantwortlich i.S.d. § 18 Abs. 2 MStV: [Name, Anschrift]

Haftung für Inhalte/Links und Urheberrecht: Standardklauseln vor Veröffentlichung einfügen.

Datenschutzerklärung (DSGVO)

Verantwortlicher (Art. 4 Nr. 7 DSGVO): [BETREIBER — wie Impressum]
Erhobene Daten: Kontodaten (Name, E-Mail), Projekt-/Agenten-Daten, Audit-Protokolle (Aktions-Metadaten, Hash/Signatur) — keine rohen Inhalte, wo möglich nur Hashes.
Zwecke & Rechtsgrundlage: Vertragserfüllung (Art. 6 Abs. 1 lit. b) — Dienst; berechtigtes Interesse (lit. f) — Sicherheit/Audit.
Speicherdauer: Audit-Protokolle min. 6 Monate (unveränderlich); Kontodaten bis Kontolöschung.
Auftragsverarbeiter (Art. 28): [Hosting/DB: Supabase], [Hosting: Vercel], [KI: Mistral] — AV-Verträge (DPA) + ggf. Drittlandtransfer (SCC) prüfen/bestätigen.
Betroffenenrechte (Art. 15–21): Auskunft, Berichtigung, Löschung, Einschränkung, Übertragbarkeit, Widerspruch; Beschwerderecht bei einer Aufsichtsbehörde.
Kontakt Datenschutz: [datenschutz@…]

Vor Veröffentlichung: Liste der Auftragsverarbeiter + Drittlandtransfers mit Steuerberater/Anwalt verifizieren.

Settings

Sign in to manage your profile and project.

Dashboard

No active project yet

Agents

Anomaly detection

How to break it

Agents

Email Agent · Inbox

Approvals

Prove it can't be faked

Audit trail

Compliance · EU AI Act

Policy templates

Custom rules

ISO/IEC 42001 readiness

Ask VINCHI

Team chat

Impressum & Datenschutz

Impressum (Angaben gemäß § 5 TMG)

Datenschutzerklärung (DSGVO)

Settings

Profile

Project

Connect your agent

No active project yet

Agents

Anomaly detection

How to break it

Agents

Email Agent · Inbox

Approvals

Prove it can't be faked

Audit trail

Compliance · EU AI Act

Policy templates

Custom rules

ISO/IEC 42001 readiness

Ask VINCHI

Team chat

Impressum & Datenschutz

Impressum (Angaben gemäß § 5 TMG)

Datenschutzerklärung (DSGVO)

Settings

Profile

Project

Connect your agent

Sign in to VINCHI