Framework-specific (LangGraph, CrewAI, etc.) or framework-agnostic?

Framework-agnostic. The course teaches the Platform Protocol — ~15 API calls that every agent calls through regardless of the framework underneath (LangGraph, CrewAI, OpenAI Agents SDK, custom). Your existing framework choice doesn't matter.

What's the Platform Protocol?

The middleware contract that sits between any agent and the platform services (auth, guardrails, context, observability, audit, HITL). Modules 2–5 build it. The capstone is the full Trust & Governance Middleware you can drop into any agent project.

Will my CISO actually approve this architecture?

That's the design goal. The course is explicitly about the architecture a security-conscious org will sign off on: auth at the entry, guardrails on every action, full audit trail, HITL on consequential decisions. We don't promise a specific CISO approval — but we show the pattern they ask for.

Do I need E1 and E2 first?

E1 yes, E2 strongly recommended. The Platform Protocol assumes you're comfortable with evaluation-first development (E1) and you understand trust gating (E2). If you skip them, plan extra hours or take the Engineering Series bundle.

Stack / infra requirements?

Python, Docker, an LLM API. Optional: a vector DB for the context module (Qdrant or pgvector). The capstone runs locally with docker compose.

25–35 hours across 6 modules. Module 4 (Context Routing & LLM Gateway) is the heaviest — it's where most of the real-world complexity lives.

Can my company pay for this?

Yes. AI platform / infra teams approve this routinely. Invoices issued. Email hello@cohorte.co subject 'Reimbursement.'

What's the refund policy?

€197 courses are non-refundable. The Engineering Series bundle (€797) offers a 14-day conditional refund.

Engineering Series · Course 3 of 6

// Not a black box. A system.

Building Accountable AI Agents.
The architecture that escapes Pilot Purgatory.

The 4-layer AI OS architecture. 7 Platform Services. The Platform Protocol: ~15 API calls that govern any agent, regardless of the framework underneath. The system a CISO will actually approve.

lessons

modules

8–10

weeks self-paced

Get on the waitlist

€197 one-time · lifetime access

Lifetime access · Self-paced · Full code repo (Apache 2.0)

The gap

Your agents work.
Nobody knows how.

The agent works. It does the thing. Stakeholders are impressed. Then compliance asks: "Can you show me the decision trail for this output?" Silence. "Can you show me which version of the prompt produced this result?" Silence. "Can you show me what data the agent accessed?" Silence.

The agent works. But nobody can prove how. Nobody can audit what it did. Nobody can reproduce the decision. Nobody can explain why it chose option A over option B on Tuesday at 3 PM.

That is not an engineering problem. That is a governance problem. And governance cannot be bolted on after the fact. It has to be the architecture.

"Governance is not a feature of the platform. Governance is the platform."

The platform protocol · Layer 3

~15 API calls. Every agent calls through them.

Layer 3 is the Trust & Governance Middleware. It sits between your agents and everything else. Every cross-boundary interaction passes through these seven services. Vendor-neutral. Framework-agnostic.

PLATFORM PROTOCOL · 7 SERVICES

auth→SSO, JWT, role and agent permissions

guardrails→YAML policies, input and output scanning

actions→Risk-classified 3-tier approval, kill switches

context→Permission-filtered data access, caching

gateway→DLP scanning, cost metering, model routing

monitor→Behavioral observability, anomaly detection

audit→Immutable, append-only decision trail

The method

26 lessons. 6 modules.
One Trust & Governance Middleware.

Each module builds one layer of the architecture. By the end, you have a full Layer 3 middleware with all 7 services running and a governed agent calling through it.

Module 1 · Primer 00

"From agent to accountable system."

The Architecture

The agent fantasy vs the 4-layer architecture. The 7 design principles (Accountability over Autonomy, Governance First, Vendor-Neutral). Pilot Purgatory: why 90%+ of AI pilots never reach production. Build vs buy: what exists and what you must build.

4 lessons

Module 2 · Service 1 01

"Identity for AI systems."

Auth & Permissions

Agents as non-human enterprise identities. User permissions ≠ agent permissions (agent permissions are always a strict subset). Role-based plus agent-level plus per-action tiering. agent-auth: SSO with OIDC, JWT issuance, agent profiles.

Lab: Build the Auth service with SSO, JWT, role and agent permission model

4 lessons

Module 3 · Services 2-3 02

"Policies that govern. Kill switches that work."

Guardrails & Action Control

Declarative YAML policy engine that compliance teams can read. Input and output guardrails: PII detection, injection scanning, hallucination flags before responses ship. Action lifecycle state machine. Risk classification: read, write internal, write external, irreversible. 3-tier approval routing. Kill switch engineering.

Lab: Guardrails Engine + Action Service with 3-tier approval routing

5 lessons

Module 4 · Services 4-5 03

"Data access is a permission decision."

Context Routing & LLM Gateway

Context routing as a governance function. Intent parsing, source resolution, permission filtering, relevance ranking, token budget truncation. LiteLLM integration for vendor-neutral LLM access. The Gateway: DLP scanning, server-side cost metering, budget enforcement, model routing.

Lab: Context Service + LLM Gateway. Same query, different roles, different context.

4 lessons

Module 5 · Services 6-7 04

"Is it right? Not just is it on?"

Monitor, Audit & HITL

Behavioral observability: accuracy, hallucination rate, policy violations, cost per task, drift. agent-monitor as the open-source observability layer. Immutable, append-only audit log. Human-in-the-loop engineering: approval queues, escalation paths. The Platform Protocol implemented end-to-end.

Lab: Monitor + Audit Trail + HITL + Platform Protocol (OpenAPI spec)

5 lessons

Module 6 · Capstone 05

"Layer 3, assembled."

The Trust & Governance Middleware

Assemble all 7 services into the complete Layer 3 middleware. Connect a local agent through the AIOS Connector. Run "Sarah's Tuesday Morning": authenticate, request context, draft email, submit action, Tier 2 approval, execute, audit trail. Deploy with Docker Compose (PostgreSQL, Redis, Gitea, FastAPI).

4 lessons + capstone

The capstone arc · across the series

One project. Six courses. Six layers.

In E3 your E1+E2 capstone gets the full governance middleware. The same project carries forward through E4 to E6 into a deployed Enterprise AI Operating System.

E1 · Done

Foundation

Versioned prompts. Multi-model. MCP. GRAIL eval. Logging.

E2 · Done

+ Trust

Self-consistency. TrustGate. Reliability guarantees. Drift detection.

E3 · Now

+ Governance

7 services. Platform Protocol. ~15 APIs.

+ Security

Guardrails. Agent Auth. Sandboxing. Red-team tested.

+ Context

Multi-source. RAG. Context Router. RBAC.

Full Platform

All 4 layers. Org Agents. Intelligence. Desktop Shell.

Prerequisites & tech stack

What you need. What you'll use.

Prerequisites

E1 and E2 completed (or equivalent experience building production AI services with trust measurement). Comfortable with API design and basic web architecture. Python, FastAPI familiarity assumed.

Tech stack

Python 3.12, FastAPI, PostgreSQL 16, Redis 7, Docker Compose, Gitea, LiteLLM, Authlib. Open-source repos (Apache 2.0): agent-auth, guardrails, context-router, agent-monitor, trustgate.

Honestly

This is for you if:

→You build AI agents and need them to pass compliance review on day one

→You need audit trails, decision logs, and reproducible outputs

→You want a framework-agnostic governance architecture (LangChain, CrewAI, AutoGen, custom)

→You've completed E1 and E2 or have equivalent production AI experience

→You're building agents for enterprise, not just demos

Don't take this if:

→You want to build your first agent. Start with the AI OS Course or E1.

→You haven't built a production AI service with trust measurement. Do E1 + E2 first.

→You're building personal productivity agents. See the One-Person AI Company.

Pricing

One price. Lifetime access.

€197

One-time payment. Lifetime access. All future updates included.

26 lessons across 6 modules (video, written, runnable code)
4-layer architecture reference implementation
7 Platform Services with full production code
The Platform Protocol with OpenAPI spec and FastAPI endpoints
"Sarah's Tuesday Morning" capstone and full code repo (Apache 2.0)

3 months in the Engine Room. Where alumni and operators go to get unstuck.

Get on the waitlist

Lifetime access. All future updates included.

Want all six courses?

See the Engineering Series bundle →

FAQ

Before you ask.

The questions we hear most. If yours isn't here, email [email protected].

Framework-specific (LangGraph, CrewAI, etc.) or framework-agnostic?: Framework-agnostic. The course teaches the Platform Protocol — ~15 API calls that every agent calls through regardless of the framework underneath (LangGraph, CrewAI, OpenAI Agents SDK, custom). Your existing framework choice doesn't matter.
What's the Platform Protocol?: The middleware contract that sits between any agent and the platform services (auth, guardrails, context, observability, audit, HITL). Modules 2–5 build it. The capstone is the full Trust & Governance Middleware you can drop into any agent project.
Will my CISO actually approve this architecture?: That's the design goal. The course is explicitly about the architecture a security-conscious org will sign off on: auth at the entry, guardrails on every action, full audit trail, HITL on consequential decisions. We don't promise a specific CISO approval — but we show the pattern they ask for.
Do I need E1 and E2 first?: E1 yes, E2 strongly recommended. The Platform Protocol assumes you're comfortable with evaluation-first development (E1) and you understand trust gating (E2). If you skip them, plan extra hours or take the Engineering Series bundle.
Stack / infra requirements?: Python, Docker, an LLM API. Optional: a vector DB for the context module (Qdrant or pgvector). The capstone runs locally with docker compose.
Time commitment?: 25–35 hours across 6 modules. Module 4 (Context Routing & LLM Gateway) is the heaviest — it's where most of the real-world complexity lives.
Can my company pay for this?: Yes. AI platform / infra teams approve this routinely. Invoices issued. Email [email protected] subject 'Reimbursement.'
What's the refund policy?: €197 courses are non-refundable. The Engineering Series bundle (€797) offers a 14-day conditional refund.

Governance is not a feature.
Governance is the platform.

The 4-layer architecture. 7 Platform Services. ~15 API calls. Full audit trail. The system that escapes Pilot Purgatory. €197. Lifetime access.

Get on the waitlist

See the full series: The Engineering Series

Building Accountable AI Agents.The architecture that escapes Pilot Purgatory.

Your agents work.Nobody knows how.

~15 API calls. Every agent calls through them.

26 lessons. 6 modules.One Trust & Governance Middleware.

The Architecture

Auth & Permissions

Guardrails & Action Control

Context Routing & LLM Gateway

Monitor, Audit & HITL

The Trust & Governance Middleware

One project. Six courses. Six layers.

What you need. What you'll use.

Prerequisites

Tech stack

This is for you if:

Don't take this if:

One price. Lifetime access.

Before you ask.

Governance is not a feature.Governance is the platform.

Building Accountable AI Agents.
The architecture that escapes Pilot Purgatory.

Your agents work.
Nobody knows how.

26 lessons. 6 modules.
One Trust & Governance Middleware.

Governance is not a feature.
Governance is the platform.