> For the complete documentation index, see [llms.txt](https://cogna8-io.gitbook.io/docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cogna8-io.gitbook.io/docs/understanding-cogna8/readme-1.md).

# What is Cogna8.io

> **Agents are in production. 88% of organizations have had security incidents from them.**\
> **Nobody owns the authorization layer. Cogna8 does.**

AI agents act on state across sessions, tools, and contexts. That state drifts. Facts conflict. Context bleeds. Decisions get made on information that is stale, contradictory, or never confirmed. Without a control layer, agents act on broken or unresolved information - and no one finds out until the damage is done.

Cogna8 verifies governed state, authorizes external actions, and issues traceable receipts for every decision an agent is allowed to execute.

***

## The Core Thesis

{% hint style="success" %}
**Do not trust an agentic system because it can explain itself.**\
**Trust it when its actions are constrained by verified state and the reasons for every decision are traceable.**
{% endhint %}

Large language models are increasingly convincing. They explain their reasoning fluently. They sound certain. But sounding right and being right are different things when a system is about to move money, schedule a procedure, approve a contract, or trigger an irreversible workflow.

The question is not *can the agent explain what it did?*

The question is *was the information it acted on actually fit for action?*

***

## Why Action Authority

Every AI stack today has tools for memory, orchestration, output safety, and observability. What is missing is more fundamental: a layer that decides whether an agent's proposed state mutation or external action is authorized to proceed - based on current evidence, trust level, policy compliance, and unresolved conflicts.

Modern runtimes help agents run. Cogna8 decides when their actions are actually authorized.

We call this **action authority over governed state** - and it is the enforcement primitive that production AI systems are missing.

{% tabs %}
{% tab title="What Happens Without It" %}
An agent reads a budget figure of $50,000 from one session and $75,000 from another. A downstream agent consumes both without noticing the contradiction. A workflow triggers spend based on whichever value it encountered last.

A medication protocol changes after new lab results. A scheduling agent never sees the update. A procedure gets booked against outdated clinical context.

A multi-client platform serves Client A and Client B through shared infrastructure. Client A's risk constraints silently leak into Client B's portfolio recommendations. The output is coherent, well-explained, and completely wrong.

These are not edge cases. They are structural consequences of acting on state that no one verified and no authorization layer governed.
{% endtab %}

{% tab title="What Happens With Cogna8" %}
The budget contradiction is detected at the state layer. The spend action is gated until the conflict is resolved. The resolution is traced.

The medication change creates a staleness signal on dependent state. The scheduling action is warned or blocked. The agent operates on current clinical context.

Client scopes are structurally isolated. The portfolio agent evaluates state within Client B's boundary only. Client A's constraints are invisible to the evaluation.

Every decision - allow, warn, or block - is tied to the specific state and checks that produced it. The trace answers "why did the system do that?" with structured evidence, not narrative reconstruction.
{% endtab %}
{% endtabs %}

***

## What Cogna8 Does

Cogna8 is an **authority runtime** for AI systems. It introduces **governed state** as a foundational primitive - structured, integrity-checked, scope-aware information that participates in deterministic action-permission decisions.

{% stepper %}
{% step %}
**State Formation**

Cogna8 identifies information that matters for safe action and structures it into typed, canonically-keyed state items with lifecycle tracking.
{% endstep %}

{% step %}
**Conflict Detection**

New state is evaluated against active state in the relevant scope. Contradictions are surfaced as first-class signals - not silently merged or overwritten.
{% endstep %}

{% step %}
**Action Gating**

When an action is requested, Cogna8 evaluates integrity and returns a deterministic decision - **allow**, **warn**, or **block** - with structured reasons.
{% endstep %}

{% step %}
**Traceability**

Every state change, conflict event, and gate decision is recorded in a structured audit trail tied to specific state items and checks.
{% endstep %}
{% endstepper %}

***

## Three Operating Principles

{% hint style="info" %}
**No silent state overwrite.** When new information contradicts active governed state, the system surfaces the conflict rather than quietly replacing the previous value.
{% endhint %}

{% hint style="info" %}
**Explicit conflict surfacing.** Contradictions are a primary operational signal. The system is architecturally built to detect, record, and gate on conflicts.
{% endhint %}

{% hint style="info" %}
**Traceable action decisions.** Every allow, warn, or block decision is tied to the state and checks that produced it. The question "why did the system do that?" always has a structured answer.
{% endhint %}

***

## Today and Tomorrow

The authority primitives - state formation, conflict detection, deterministic gating, scope isolation, and state-linked traceability - operate in the Cogna8 product surface today at [cogna8.io](https://cogna8.io). The infrastructure direction is these same primitives as an **embeddable authority runtime** for production agent stacks - any framework, any domain, any scale.
