Platform
Guardrails: informed-consent governance for AI-written code
AI can write the change in minutes. Guardrails makes sure the right human understood it and agreed to it — and can prove that later.
Guardrails is Ciao's governance layer for AI-written code. It maps code into business areas, detects risky changes, applies plain-English policies, records human review and leaves an immutable audit trail behind every merge. Unlike blanket approval queues, Guardrails routes each change by what it actually touches — so payments edits get senior eyes while copy tweaks flow through.
Published 2026-07-03 · Last updated 2026-07-03
Speed without informed consent is just risk
AI makes changes cheap to produce. It does not make them cheap to be wrong about. When a plain-language request can modify billing logic in minutes, the question stops being "can we ship this" and becomes "who understood what this change does, and did they agree to it?" Most teams answer with either a bottleneck — every change waits on a senior engineer — or a shrug.
Guardrails is Ciao's answer: informed-consent governance. It maps code into business areas, detects risky changes, applies plain-English policies, records human review and leaves an immutable audit trail behind every merge. Routine changes flow; consequential ones get the right human, with the right context, on the record.
How Guardrails works
Guardrails sits between a proposed change and a merge. Here is what happens in between.
1. Map the code into business areas
A taxonomy connects files and functions to what they mean commercially: payments, authentication, personal data, pricing, integrations. Governance starts from what a change touches, not which folder it sits in.
2. Detect risk in every change
Detectors examine each proposed change for what it modifies — a schema migration in a billing table reads very differently from a copy tweak on the landing page.
3. Apply plain-English rules
Policies are written the way leadership actually thinks: "changes to payment flows need review by a senior engineer", "anything touching personal data needs a named approver". There is no policy language to learn.
4. Route by seniority
Seniority tiers direct each decision to someone with the authority to make it. Juniors are not asked to sign off on billing; seniors are not interrupted for copy.
5. Record the decision
Review is captured as informed consent: who looked, what they were shown, what they approved. Approval means something because the context is preserved with it.
6. Keep the trail immutable
Every merge carries its history in an append-only audit trail — usable in an incident review, a client dispute or a compliance audit.
Why it matters
Governance usually fails in one of two directions: it blocks everything and gets bypassed, or it stamps everything and means nothing. Proportionate review — routed by real risk, recorded with real context — is the version that survives contact with a fast-moving team.
It is also the piece that makes AI-assisted development defensible to the rest of the organization. Compliance, security and clients do not have to trust that changes were reviewed; the trail shows it, merge by merge.
There is a team-shape angle too. The people shipping with AI are increasingly mixed — engineers, operators, domain experts — and Guardrails is what lets that mix be safe. The person who wrote the prompt does not have to be the person qualified to approve the change, because the routing already knows the difference.
Who uses Guardrails
- CTOs and engineering leaders — Set the rules once, in plain English, and let review effort concentrate where the taxonomy says the risk is.
- Compliance and risk teams — Read the current policies and inspect the trail without learning the codebase — the rules are written in their language.
- Teams in regulated industries — Financial services, insurance and healthcare operations teams that need evidence of review, not assurances of it.
- Agencies — Show clients that changes to their production applications passed review — with the record to prove it.
Security and governance notes
- ✓ The business-area taxonomy covers payments, auth, personal data and other protected zones.
- ✓ Detectors flag risky changes before merge, not after deploy.
- ✓ Policies are plain English, readable by non-engineers, and versioned like everything else.
- ✓ Seniority tiers route each decision to a reviewer with matching authority.
- ✓ Review is recorded as informed consent — reviewer, context and decision together.
- ✓ The audit trail is append-only and immutable behind every merge.
Example policies in practice
Policies read the way you would say them out loud.
| Plain-English rule | What Guardrails does with it |
|---|---|
| Changes to payment flows need senior review | Routes any change touching the payments area to the senior tier and holds the merge until review is recorded |
| Anything reading personal data needs a named approver | Detects data-access changes and requires an identified human to consent, on the record |
| Schema migrations need a second reviewer | Flags migrations regardless of which feature produced them |
| Copy and style changes flow freely | Low-risk areas skip review entirely, so the fast path stays fast |
Frequently asked questions
Does Guardrails block merges?
A policy can require recorded human review before a change merges, and the merge waits until that review exists. What requires review — and from whom — is up to the rules your team writes.
Who writes the policies?
Usually engineering leadership with compliance input, precisely because they are written in plain English. There is no policy DSL to learn, and the current rule set is readable by anyone you give access to.
Will this slow the team down?
The design goal is proportionality. Low-risk changes flow without ceremony, while consequential ones get the right reviewer with context attached — so review effort concentrates where the taxonomy says the risk is.
What does an immutable audit trail mean concretely?
The record of prompts, reviews, merges and deploys is append-only: entries are added, never edited or removed. When an auditor or a client asks what happened, you replay the record rather than reconstruct it from memory.
Can we see Guardrails running on our own policies?
Yes — book a demo and bring two or three rules you would actually want enforced, phrased the way you would say them to a colleague. Serious production programs start at USD 10,000 per year.