Partnership exploration · Technical validation · Product definition

Halibut
Governed Operational Intelligence

A grounded product architecture combining operational intelligence, bounded AI execution, observability integration and evidence-driven release. It defines what is viable with technology available today—and what still requires specialist validation before production.

Observe · Understand · Decide · Execute · Learn
Human expert validation required Vietnam & Southeast Asia pilot-ready Globally extensible Strategic partnership & investment conversations welcome No unverified endorsements
01 · Product definition

One governed layer between intent and action.

Halibut does not replace every enterprise platform. It coordinates authority, execution, evidence and release across the systems organizations already use.

Primary product direction

Halibut Operational Intelligence

A control and evidence layer that receives a task, evaluates identity and policy, issues narrowly scoped authority, supervises execution and records resulting decisions and outcomes.

Primary outcome: AI-assisted work becomes bounded, inspectable, interruptible and attributable rather than operating as an unrestricted tool call.

Product mode to validate

Halibut Governed Web Builder

A visual and conversational building interface that translates an approved intent into a versioned project, executes generation and tests in isolated runners, previews the result and requires policy checks before deployment.

Primary outcome: users gain accessible creation while Halibut adds controlled execution, evidence, change review and deployment governance.

Product boundary: Halibut is not proposed as a replacement for every observability platform, ERP, CRM or website platform. Its defensible role is the governed operational layer connecting intent, authority, execution, evidence and release.
02 · Grounded reality check

Claims follow evidence.

The framework separates what is technically viable, what requires an integration spike and what must not be presented as proven before independent validation.

StatementAssessmentProduction interpretation
Short-lived signed capability tokens can constrain agent actions. Technically viable Requires explicit scopes, audience, expiry, request binding and deny-by-default verification. Token format alone does not provide authorization correctness.
PASETO v4.public can use Ed25519 and managed KMS signing. Integration spike The signing input must be constructed exactly to specification. Interoperability and official test vectors must be validated.
Cloudflare Workers can serve as unrestricted build/test pods. Do not claim Use isolated containers or jobs for general code generation, build and test. Workers may handle edge APIs, lightweight checks and orchestration.
Opik is a security information and event management system. Do not claim Opik is for LLM and agent observability, evaluation and tracing. Security decisions should also flow to a security log platform or SIEM.
Halibut is SOC 2 compliant after controls are implemented. Do not claim Controls may support readiness. Only an independent qualified CPA firm can issue a SOC 2 report.
Fixed latency, cost, throughput or audit outcomes are guaranteed. Remove These depend on workload, region, vendors, scope and operating maturity. They must be measured in a prototype and pilot.
03 · High-level architecture

Control plane, execution plane and evidence plane.

The architecture keeps human authority explicit, AI recommendations bounded and every material action attributable.

Experience plane
Operator ConsoleWorkflows and approvals
Web BuilderPrompt and visual editor
Partner APIsExternal systems
Enterprise InterfacesERP, CRM, WFM, OT and data
Halibut control plane
AdmissionIdentity, tenant and request
Policy EngineRBAC, ABAC and rules
Authority ServiceShort-lived scoped authority
GateVerify, enforce, allow or stop
Execution and evidence plane
Isolated RunnerGenerate, build and test
Artifact StoreVersions and outputs
Decision LedgerAppend-only evidence
Telemetry RouterOpenTelemetry, AI traces and alerts

Reference responsibilities

  • Admission: authenticate the caller and resolve tenant, task and requested action.
  • Policy: evaluate roles, attributes, environment, project state and risk constraints.
  • Authority: issue short-lived audience-bound authority with a key identifier.
  • Gate: validate policy version, request identity and execution limits.
  • Runner: execute in a constrained environment with network, filesystem, CPU and time limits.
  • Ledger: record immutable decision facts and evidence.

Recommended technology choices

  • Choose Go, Rust, Java or TypeScript according to team capability; avoid unnecessary polyglot complexity initially.
  • Use OPA/Rego or equivalent after a policy-model spike.
  • Use PostgreSQL for transactional state; add Redis only where short-lived atomic state creates value.
  • Use container-based runners; introduce Kubernetes only when scale or isolation requirements justify it.
  • Use OpenTelemetry for vendor-neutral instrumentation, Opik for AI traces and a separate security-log destination.
  • Select KMS or HSM-backed signing after deployment-region and compliance review.
04 · Operational flow

From intent to controlled release.

Halibut maintains task state, policy state, approvals and execution results explicitly—not hidden inside a conversation.

01
Intent
Human or AI asks
02
Interpret
Structured task manifest
03
Authorize
Policy decision
04
Execute
Bounded runner
05
Observe
Traces, metrics and evidence
06
Decide
Release, revise or stop

Operational state

Task, project, environment, approvals, policy version and execution result remain explicit and reviewable.

Decision intelligence

The first production version should rely on deterministic rules and measured signals. AI may summarize or recommend; it must not silently override authorization.

Human control

Production deployment, secret access, data export and policy modification require stronger authentication or explicit approval.

05 · Governed builder mode

A constrained builder is more credible than an uncontrolled generator.

The builder is a focused product mode for validating how governance can remain visible throughout AI-assisted creation.

Viable first product experience

  1. User describes a website or selects a structured template.
  2. Halibut creates a manifest for pages, components, data, integrations and constraints.
  3. An AI model proposes code and content inside an isolated workspace.
  4. Automated checks run: dependency policy, secret scan, lint, tests, accessibility and build.
  5. The user previews a versioned artifact and reviews changes.
  6. Halibut Gate evaluates deployment authority and environment policy.
  7. Approved artifacts deploy through a supported adapter and evidence is recorded.

Do not attempt in the first release

  • Full parity with mature visual editors.
  • Arbitrary untrusted plugins without sandbox and review.
  • Automatic production deployment without explicit controls.
  • Universal framework or cloud claims.
  • Compliance guarantees embedded in marketing language.
Begin with one component system and one deployable stack. Repeatability, visibility and control matter more than breadth.
06 · Parallel positioning

Complementary, not artificially competitive.

Halibut can integrate with established observability and creation platforms while owning the authority-and-evidence layer between them.

Halibut

Governed authority and execution

  • Admission and policy
  • Scoped execution authority
  • Isolated build and test
  • Decision ledger
  • Approval and release gates
Opik

AI observability and evaluation

  • Traces and spans
  • LLM evaluation
  • Experiment visibility
  • OpenTelemetry integration

Halibut can send AI traces to Opik rather than duplicating its established observability role.

Wix and modern builders

Accessible site creation

  • Visual editing
  • AI-assisted creation
  • Frontend and backend APIs
  • External integrations

Halibut differentiates through task-level AI execution governance and portable evidence—not through unsupported security comparisons.

The missing-layer thesis: observability platforms observe AI behavior; builder platforms help create and operate digital experiences. Halibut can occupy the complementary layer that decides what AI-assisted operations are allowed to do, executes them within bounded infrastructure and records evidence across the workflow.
07 · How the model was tested

First exercised as a human-orchestrated workflow.

Before Halibut existed as software, its operating logic was practiced manually during AI-assisted product and infrastructure work.

Business intent
Goal, constraints and quality barThe mission is defined before execution.
Human Halibut
Isha routes and governsTask choice, model choice, sequence and approval remain human-led.
Architecture partner
Challenge, sequence and guardrailsAssumptions and acceptance criteria are clarified.
Implementation AI
Build and analysisDefined work is executed under the stated constraints.
Human review
Build, test, continue or stopOutputs are inspected before the next phase.

What Isha performed

  • Translated business intent into narrow operational instructions.
  • Selected AI models according to task strength and risk.
  • Observed outputs and detected possible drift before code creation.
  • Controlled handoffs across planning, implementation, testing and approval.
  • Protected cost, quality and sequence by preventing unnecessary reruns.

What implementation AI performed

  • Executed defined implementation and analysis tasks.
  • Produced code, documentation and technical reasoning under human direction.
  • Responded to corrections and architecture constraints before committing work.
  • Provided visible intermediate outputs supporting supervision.

What the architecture partner performed

  • Decomposed complex tasks before implementation.
  • Identified when a stronger model or different sequence was appropriate.
  • Challenged assumptions and clarified acceptance criteria.
  • Supported decisions to proceed, pause or revise.

Observed result: deliberate task routing, staged approvals and visible handoffs reduced avoidable rework and improved implementation discipline. This is product-discovery evidence—not proof of production security, autonomous reliability, regulatory compliance or endorsement by any model provider.

Manual behaviorHalibut product equivalentRequired validation
Isha selected the appropriate model.Routing policy based on task type, sensitivity, cost and capability.AI systems expert validates routing and fallback criteria.
Isha narrowed the task before code generation.Structured task manifest defining allowed actions, files, limits and acceptance criteria.Security architect validates scope semantics and deny-by-default behavior.
Isha watched for drift and redirected work.Execution traces, checkpoints, policy events and human intervention controls.AI expert validates which signals are reliable enough for supervision.
Work moved through deliberate phases.State machine for plan, approve, execute, test, review and release.Platform engineer validates durability, retries, idempotency and recovery.
Outputs were tested before acceptance.Isolated runner, automated checks, artifact versioning and release gate.AppSec and SRE validate isolation, dependency controls and resilience.
08 · Expert validation

Production credibility requires independent specialists.

AI review can support analysis, but it is not a certification, security sign-off or substitute for qualified human accountability.

ValidatorRequired decisionEvidence expected
Principal Security ArchitectThreat model, trust boundaries, key custody, revocation, runner isolation and fail-closed behavior.Signed architecture review, misuse cases, acceptance criteria and unresolved-risk register.
Senior Platform / SRE EngineerTopology, capacity, queues, databases, disaster recovery, observability and runbooks.Infrastructure prototype, load tests, recovery exercise and measured cost model.
Application Security EngineerPath traversal, dependency attacks, prompt-to-tool escalation, token replay and cross-tenant isolation.Independent review, penetration tests and remediation verification.
Specialized AI Systems ExpertAgent architecture, model/tool contracts, evaluation sets, containment and approval placement.Evaluation protocol, failure taxonomy, model-agnostic interfaces and measured reliability.
GRC / Privacy CounselSystem boundary, data classification, vendor obligations, regional requirements and controls.Control matrix, data-flow inventory, retention schedule and policy set.
Frontier model reviewCritique manifests, policies, failure cases and developer documentation.Recorded findings reviewed and accepted by a responsible human expert.
09 · Validation timeline

Careful, but fast enough for a moving market.

These are planning ranges—not delivery guarantees. Work can overlap where risk allows, but security architecture and data handling should not be deferred until after external use.

Phase 0

Definition and threat model

2–3 weeks

Confirm use cases, boundaries, data classes, trust assumptions, token alternatives and validation team.

EXIT · ARCHITECTURE DECISION
Phase 1

Vertical technical prototype

4–6 weeks

One task flow from request → policy → authority → isolated execution → evidence → preview.

EXIT · MEASURED POC
Phase 2

Controlled design-partner pilot

6–10 weeks

One stack, limited integrations, human approvals, operational dashboards and incident exercises.

EXIT · PILOT REVIEW
Phase 3

Production hardening

8–16+ weeks

Independent AppSec, tenant isolation, DR, SLOs, privacy controls, support model and evidence readiness.

EXIT · GO / NO-GO
10 · Product prototype

Governance becomes visible inside the interface.

This console is an interface concept—not a functioning security implementation. It demonstrates how creation, authority, checks and release evidence can be made visible in one workflow.

Live preview · Artifact #hbt-0241

Customer Operations Portal

Track requests, approvals and delivery status.

Submit a request
12Open requests
3Pending approval
11 · Feasibility conclusion

Technically feasible. Production viability must be earned.

The necessary components exist today, but the product becomes credible only through a narrow use case, measured evidence and controlled external validation.

Why Halibut is possible now

  • Managed asymmetric signing and public-key verification are available.
  • Policy engines, container isolation, CI runners and transactional databases are mature.
  • OpenTelemetry provides vendor-neutral traces and metrics.
  • Established tools provide AI/agent observability destinations.
  • Modern site platforms show that visual and AI-assisted creation is commercially understood.

What determines whether it becomes real

  • A narrow first use case with a repeatable operational outcome.
  • Independent validation of security, AI behavior and operations.
  • Measured evidence instead of projected performance claims.
  • A controlled runner and explicit policy model.
  • A design-partner pilot testing usability and willingness to adopt.
Final position: Halibut is technically feasible as a governed AI operations layer and as a constrained governed builder using technology available today. Production viability is not yet proven; it must be earned through architecture review, a vertical prototype, a controlled pilot and independent security validation.
12 · Grounding sources

Official documentation.

The technical claims in this framework should be checked against current primary sources during implementation and specialist review.

Strategic collaboration

Help validate the next operational intelligence layer.

ViTech Intelligence welcomes constructive feedback from enterprise operators, security and platform specialists, potential design partners, strategic collaborators and aligned angel investors interested in developing a grounded, accountable and regionally adaptable Halibut OS.