ONSET COMMAND · OVERSIGHT LAYER

The layer that watches every AI you ship.

Five oversight agents sit above every ONSET AI Employee — pre-screening outbound, gating irreversible actions, routing approvals, enforcing your margin, and writing a tamper-evident audit log. You stay in control by design, not by luck.

Most AI vendors sell agents. ONSET sells the layer that supervises them — with a Telegram-grade approval gate before any irreversible action lands, and a replayable audit trail for every move.

  • 5 oversight agents
  • 30-second cancel window
  • Hash-chained audit
  • PDPA Amendment Act 2024 aligned
  • ISO 42001 in pursuit

WHAT COMMAND ACTUALLY IS

It's the layer you don't see — until it stops something you would have regretted.

Most AI vendors ship an agent that does the work. ONSET ships the layer above that agent: five specialist supervisors that audit every move, gate every irreversible action, and write a tamper-evident record of who approved what.

The agents do the boring work — the 11pm WhatsApps, the chase-emails, the LHDN paperwork. Command makes sure they never do anything you didn't sign off on.

THE 5 AGENTS

Five jobs. Five specialists. One quorum.

Each agent owns one supervisory job. Together they form the control plane that makes AI safe enough to actually run a back-office.

01

SENTINEL

outbound integrity

scanning · 247 drafts/hr

Reads every reply before it ships.

Catches tone drift, unsupported claims, accidental discounts, leaked internal notes, PDPA opt-out violations. Pre-screens both AI-drafted and human-drafted outbound across WhatsApp, email, voice and social.

  • Brand-voice + tone check against your reference corpus
  • PDPA opt-out cross-reference before any contact send
  • Claim validation against your verified data (no LLM hallucinations)
  • Numeric guardrails (no off-pricing, no off-spec promises)

02

WATCHDOG

irreversible action gate

cancel window · 28s open

Opens a 30-second Telegram cancel window on every payment, post, delete.

Any action you can't undo — a refund, a public post, a deleted row, an LHDN submission, an outbound collections escalation — pauses for 30 seconds. You see the action, you see the reasoning, you tap once to kill it. Do nothing and it ships.

  • Configurable threshold per action type (e.g. all payments, refunds > RM 500)
  • Telegram-native (works on your phone, in WhatsApp-adjacent UX)
  • Logs every approval + every cancel + every auto-ship to PULSE
  • No autonomous-send override mode exists in the codebase

03

GUARDIAN

approval routing

approval pending · 3 items

RBAC + escalation. The right decision reaches the right human.

Maps every approval-needing action to the right approver: small refunds to your AR clerk, big refunds to you, contract-tier negotiations to the director. Escalates after configurable timeouts so nothing rots in a queue.

  • Role-based access control (owner, finance, ops, sales)
  • Per-action approval thresholds (RM amounts, action types)
  • Auto-escalation chain when the primary approver doesn't respond
  • Out-of-office mode redirects approvals to a backup approver

04

TREASURY

margin & cashflow

holding · RM 4,250 invoice

Enforces minimum margin, refund caps, collections legal-action gate.

A money-aware sentinel. Blocks any proposal under your minimum margin (platform floor is 60%, tunable), any refund above your cap, any collections message that would trigger legal exposure — before a senior human signs off.

  • Per-bundle margin floor (default 60%, configurable down to 40%)
  • Refund cap per transaction + per customer-month
  • 61-day-overdue invoices require explicit owner approval before legal escalation
  • Daily LLM-spend cap with automatic Telegram alert at 80% utilisation

05

PULSE

audit + replay

12,847 actions logged today

Hash-chained log. Every action replayable end-to-end.

Every AI action, every human approval, every cancel, every escalation — written to a tamper-evident audit log with SHA-256 hash chaining and per-tenant advisory locks. If something went wrong, you can replay the exact sequence that produced it.

  • Hash-chained (any tampered row breaks the chain visibly)
  • Per-tenant isolation via Supabase RLS
  • Full action replay including the upstream context that triggered it
  • 7-year archive retention (matches LHDN e-Invoice + PDPA requirements)

ANATOMY OF AN APPROVAL

One Telegram message stands between the AI and the world.

When an ONSET module is about to ship an irreversible action, it doesn't ship. WATCHDOG pauses it, posts the draft to your Telegram, and starts a 30-second timer.

Tap ✓ Approve — it ships immediately. Tap ✗ Cancel — it dies and PULSE records why. Do nothing — it auto-ships at the timer (or auto-cancels, if you flipped that action class to require explicit approval).

  • 1 · Draft: The AI module composes the action. SENTINEL pre-screens it. If unsafe, it never reaches WATCHDOG.
  • 2 · Route: GUARDIAN looks up who should approve this action class. The Telegram message lands in their chat (not yours, if they're the right approver).
  • 3 · Gate: Countdown ticks down. Approver decides. TREASURY also gets a veto on anything money-related, even if the human approves.
  • 4 · Log: PULSE writes the full sequence — draft, approver, decision, timestamp, hash — to the audit chain. Replayable forever.

ONSET · Approval needed

Telegram · 3:47 pm

Collections

Sending a 31-day-overdue reminder to Mr Lim Wei Hao (RM 4,250). Tone: friendly first reminder.

Draft message

Auto-ships in 28s if no action

WHAT'S UNDERNEATH

The infrastructure your auditor will ask about.

Command isn't a feature flag. It's a separate control plane with its own storage, its own RLS, and its own audit guarantees.

Tamper-evident audit

Postgres trigger on insert computes SHA-256 over (prev_hash + payload + tenant + timestamp). Any altered row breaks the chain visibly via a deterministic verification view — runs on every release as a pass/fail gate.
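
A Python model of the chain computation and verification described above, added here as an illustration; it is not ONSET's trigger or verification view. The row field names, the all-zero genesis value, the length-prefixed field encoding, the canonical-JSON payload and the externally stored head hash are assumptions, and the sample rows are constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash of the first row (not from the page)


def row_hash(prev_hash, payload, tenant, timestamp):
    """SHA-256 over (prev_hash, payload, tenant, timestamp), as the page describes."""
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    h = hashlib.sha256()
    for field in (prev_hash, canonical, tenant, timestamp):
        data = field.encode("utf-8")
        # Assumed encoding: length-prefix each field so bytes cannot be moved
        # between adjacent fields without changing the digest.
        h.update(len(data).to_bytes(8, "big") + data)
    return h.hexdigest()


def append(chain, payload, tenant, timestamp):
    prev = chain[-1]["hash"] if chain else GENESIS
    row = {"prev_hash": prev, "payload": payload, "tenant": tenant,
           "timestamp": timestamp}
    row["hash"] = row_hash(prev, payload, tenant, timestamp)
    chain.append(row)
    return row


def verify(chain, expected_head=None):
    """Return the index of the first row that breaks the chain, else None."""
    prev = GENESIS
    for i, row in enumerate(chain):
        recomputed = row_hash(prev, row["payload"], row["tenant"], row["timestamp"])
        if row["prev_hash"] != prev or row["hash"] != recomputed:
            return i
        prev = row["hash"]
    # A chain alone cannot reveal deleted newest rows; compare against a head
    # hash kept outside the log (assumed here, not described on the page).
    if expected_head is not None and prev != expected_head:
        return len(chain)
    return None


def sample_chain():
    """Constructed sample rows modelled on the approval flow in the text."""
    chain = []
    append(chain, {"action": "draft", "module": "collections"}, "tenant-a", "2025-01-06T15:47:00+08:00")
    append(chain, {"action": "approve", "approver": "owner"}, "tenant-a", "2025-01-06T15:47:12+08:00")
    append(chain, {"action": "ship", "amount_rm": 4250}, "tenant-a", "2025-01-06T15:47:13+08:00")
    return chain
```

Editing a row and recomputing its own hash only moves the break to the next row, so a verifier has to walk the whole chain, and it needs the out-of-band head hash to notice rows removed from the end.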

Row-level tenant isolation

Every Command table has RLS enforced at the Postgres layer. Tenant A's JWT cannot read Tenant B's rows even via direct PostgREST access. Verified by cross-tenant smoke tests on every release.

Per-tenant RBAC

Roles: owner, finance, ops, sales — each with their own approval thresholds. GUARDIAN reads from the same RBAC table that the rest of the dashboard uses, so there's no separate access-control surface to drift.

ISO 42001 IN PURSUIT

Command was built spec-first against the ISO 42001 AI management system standard. We're in active pursuit of certification. The audit log + approval gates + RBAC structure satisfies clauses 6.1.3 (AI risk treatment) and 7.5 (documented information). Ask for our ISO 42001 mapping document.

HOW TO BUY COMMAND

Command comes free with any coordinated bundle.

Command isn't sold standalone — it's the supervisory layer above the modules you hire. Buy any Coordinated Bundle (from RM 1,499/mo) and the full 5-agent oversight plane is included.

  • Single Module

    Command not included

    Single modules ship with WATCHDOG's cancel window (you always get the approval gate). The full 5-agent oversight requires a bundle.

  • Coordinated Bundle · Most popular

    Full Command included

    From RM 1,499/mo. All 5 agents + RBAC console + audit replay + ISO 42001 mapping doc. Most clients land here.

  • Custom / Enterprise

    On-prem Command

    Command deployed in your VPC. Your audit log, your RBAC, your Telegram bot. Talk to Reginald.

BEFORE YOU BUY

The five things buyers ask about Command.

  • Can I configure the 30-second cancel window length?

    Yes. Per-tenant default is 30s. You can tune it per action class — payments at 60s, social posts at 15s, deletes at 90s. Below 5s is blocked (no useful cancel surface). Above 5 minutes is blocked (defeats the gate).
  • What happens if I miss an approval?

    Default: auto-ship after the timer. You can flip any action class to auto-cancel-on-miss (recommended for refunds + collections legal-action). GUARDIAN also runs a fallback escalation — if you're offline > 30 min, it routes to your designated backup approver.
  • Is the audit log admissible in court?

    The hash chain is tamper-evident — any altered row breaks the chain visibly via a verification RPC. We're not lawyers, but in two PDPA matters our audit log's integrity has held up under regulator scrutiny.
  • How does Command integrate with my existing AI tools?

    Any tool that sends outbound (Make, Zapier, n8n, custom code) can route its outbound through our webhook + get the SENTINEL/WATCHDOG/PULSE treatment. Most clients run their own pipeline alongside ONSET modules and gate everything through Command.
  • Does Command slow down my workflows?

    SENTINEL adds ~150ms per outbound. WATCHDOG adds the 30s cancel window only on irreversible actions (typically 5–10% of all actions). The rest run at full speed. Internal cost: < RM 0.005 per gated action.

Hire the oversight before you hire more autonomy.

Reginald and the ONSET team reply within one business hour, Mon–Fri 9am–6pm MYT.

  • ISO 42001 in pursuit
  • PDPA Amendment Act 2024-aligned
  • Hash-chained audit
  • Row-level tenant isolation
  • Per-tenant RBAC