EU AI Act Article 14 compliance ready

Your agents are taking
real-world actions.
Who's checking?

Heed intercepts AI agent actions before they execute and routes them to a human for approval. One API call. Full audit trail.

Works with LangChain, OpenAI Agents SDK, AutoGen, CrewAI, or plain HTTP.
If your agent can POST, it can use Heed.

Approval requests Live
The problem

AI agents break things
in new ways.

billing-agent: approved $47,200 refund
→ policy threshold: < $50,000 ✓

The policy loophole

Your agent followed the rules exactly. The rules were wrong for this case. Nobody reviewed it before the money left the account.

email-agent: sent campaign
→ recipients: all_customers (48,203) ✓

The blast radius

The agent was configured to send emails. Nobody specified that "send" meant "send to everyone, right now, with the draft copy."

code-agent: git push origin main
→ Friday 16:47 EST ✓

The Friday deploy

Your agent fixed the bug and pushed. Nobody told it that main is production, Friday is sacred, and this particular fix had a side effect.

These aren't hypotheticals. They're the support tickets developers are filing right now.
The problem isn't that your agents are bad. It's that consequential actions need a human in the loop — and nothing in your current stack provides that.

How it works

Three steps. One API.

01

Your agent calls Heed before acting

A single POST before any consequential action. Include what the agent wants to do, why, and where to send the decision.

POST /api/v1/hitl/requests X-API-Key: hd_live_... { "action": "send_refund", "summary": "Issue $4,200 refund
to ACME Corp (outside policy)"
, "context": { "amount": 4200, "customer": "ACME Corp" }, "callback_url": "https://app.co/decision" }
02

The right human gets notified instantly

Approval cards land in Slack or email with full context. One click to approve or reject. No login required. Works on mobile.

Slack notification
⏳ Approval required
billing-agent wants to issue a $4,200 refund to ACME Corp.
This is outside the standard policy threshold.
✓ Approve ✗ Reject
03

Your agent gets the decision via webhook

Decision POSTs to your callback URL with HMAC signature. The action executes. Everything is logged. You have a complete audit trail.

// Webhook payload → your callback_url { "id": "req_a3f5e2c1...", "status": "approved", "decided_by": "sarah@co.com", "decided_at": "2026-05-29T14:32:11Z", "action": "send_refund" } // Signed with HMAC-SHA256 // X-Heed-Signature: sha256=...
Not observability. Control.

Your competitors watch what agents did.
We control what they're allowed to do.

LangSmith, Langfuse and Humanloop are post-mortems. Heed is a gate.

Observability tools

What did my agent do?

Trace and log agent actions after they happen. Great for debugging. Too late to stop the $47K refund.

vs
Heed

Can my agent do this?

Intercept before execution. Human confirms. Then it happens — with a logged, audited paper trail.

Features

Everything you need.
Nothing you don't.

Policy engine

Configure rules per tenant. Actions that match auto-approve instantly. Everything else holds for human review. No code changes needed to update policies.

One-click approval

Email and Slack cards with approve/reject buttons. No login required. Works on mobile. The decision takes 10 seconds, not 10 minutes.

Immutable audit log

Every request, decision, and webhook delivery is logged append-only. SOC 2 and EU AI Act Article 14 ready. Know exactly what happened and when.

Webhook delivery

Decisions POST back to your callback URL, signed with HMAC-SHA256. Three retries with exponential backoff. Your agent always gets the answer.

Multi-tenant

Separate tenants, API keys, policies and audit logs per product or client. Stripe-style hd_live_ / hd_test_ key format.

Framework agnostic

Any language. Any agent framework. LangChain, OpenAI Agents SDK, AutoGen, CrewAI — or plain HTTP. If it can POST, it can use Heed.

Compliance

The EU AI Act requires human oversight. You need a paper trail.

"High-risk AI systems shall be designed and developed in such a way, including with appropriate human-machine interface tools, that they can be effectively overseen by natural persons during the period in which the AI system is in use."

— EU AI Act, Article 14 (Human Oversight)

If your agents touch healthcare, finance, legal, government, HR, or critical infrastructure, Article 14 applies. Heed gives you the human control layer and the audit trail to prove it.

  • Every agent action request logged with full context
  • Human decision recorded with timestamp and identity
  • Policy rules versioned and auditable
  • Immutable append-only event log — tamper-evident
  • Configurable approval expiry and escalation
  • On-premise deployment available for sovereign data requirements
  • MCP-native integration for Anthropic Claude and compatible agents
Pricing

Start free.
Scale when you need to.

No credit card required. Upgrade or downgrade anytime.

Free
$0
For evaluation and personal projects
  • 100 requests / month
  • 1 policy rule
  • Email notifications
  • 7-day audit log retention
  • 1 tenant
Starter
$29/mo
For small teams shipping agents
  • 2,500 requests / month
  • 5 policy rules
  • Email + Slack
  • 30-day audit log retention
  • 3 tenants
Enterprise
Custom
For regulated industries and government
  • Unlimited requests
  • SLA guarantee
  • SSO / SAML
  • On-premise deployment
  • SOC 2 Type II
  • EU AI Act compliance package
  • Dedicated support

Your agents are already running.
Make sure someone's watching.

Free to start. One API call to integrate. Works with every agent framework.

Get your API key — it's free → Read the docs