Platform

The runtime, governance, and observability your agents already need.

GoodHelp runs multi-agent workloads on Temporal-backed deterministic workflows, with a per-org hash-chained action ledger, application-layer tenant isolation, and signed evidence export already in production. The control envelope you would otherwise build for the first eighteen months.

Temporal-backed workflowsKMS-rooted action ledger17 production agents on LMNTL

When you have to ship AI agents that touch real money, real customer data, or real regulated records, you want a runtime that replay-recovers, a governance layer that an auditor can follow, and an observability layer that proves what happened — so the build-vs-buy conversation isn’t “how long is the eighteen-month detour to make agents shippable.”

Three pillars: runtime, governance, observability.

Runtime

Multi-agent composition on Temporal-backed deterministic workflows. All I/O happens in activities; workflows replay cleanly after a worker restart mid-tick.

Governance

Pre-dispatch runtime policy decides allow / deny / require_approval BEFORE every tool call runs. SoD approvals, locked override keys, regulated-industry policy template.

Observability

Per-org hash-chained action ledger (KMS-rooted HMAC-SHA256). Hourly BigQuery anchor for tail-truncate defense. Self-audit-on-read evidence export.

The control envelope you would otherwise build yourself.

Deterministic workflow engine

Temporal-backed. Workflows are pure orchestration; I/O lives in activities. Crash mid-tick → clean replay. Worker restart never double-charges a customer.

Hash-chained action ledger

Per-org AgentActionLog Firestore sub-collection. Each row HMAC-SHA256 chained to the previous, transactional tail-read + row-write. KMS-rooted signature.

Pre-dispatch runtime policy

tools_allowed + data_scope predicates + external-comms allow-list + per-run cost cap + PII filter + retention horizon. Pure decision module — no I/O, reproducible across replays.

SoD approvals

The user who edited an agent in the last 24h cannot approve its next action. Enforced fail-CLOSED (SOD_REQUIRE_AUDIT_AVAILABLE=true): if the SoD audit context is unavailable the approval is blocked rather than allowed.

Application-layer tenant isolation

Audit-critical Firestore collections stored as per-org sub-collections under user_docs/<org_id>/. org_id-required loaders plus router-layer membership-derived org_id.

Per-agent secret vault

Customer credentials (API keys, OAuth refresh tokens) Fernet-encrypted at rest in the gh-secrets GCS bucket. Separate from GCP Secret Manager which holds platform bootstrap secrets.

Already in production.

17

Production agents running LMNTL itself

50+

Agent templates in the seed library

~600+

DCAA-aligned contractors served via Hour Timesheet (sister brand)

Where GoodHelp sits relative to the build-it-yourself path.

CapabilityGoodHelpGeneric agent SDKs (LangGraph, AutoGen, CrewAI)Build it yourself
Deterministic workflow engineTemporal-backedDIY3-6 months
Hash-chained action ledgerKMS-rootedDIY1-3 months
Pre-dispatch runtime policyDIY1-2 months
SoD approvalsDIY2-3 months
Application-layer tenant isolationDIY1-2 months
Signed evidence exportKMS asymmetricDIY1-2 months

Comparison reflects publicly documented capabilities as of 2026-05-25. DIY estimates assume a senior platform engineer building each primitive in isolation, ledger-style — not the full product surface.

What technical buyers ask first.

What workflow engine do you use?

Temporal Cloud (mTLS). Activities run on GKE; workflows are deterministic and replay-safe. Crash mid-tick recovers cleanly.

How is the action ledger structured?

Per-org AgentActionLog Firestore sub-collection under user_docs/<org_id>/. Each row HMAC-SHA256 chained to the previous, transactional write. Hourly BigQuery insert-only anchor for tail-truncate defense.

How is tenant isolation enforced?

Application-layer: per-org Firestore sub-collections, org_id-required loaders, and router-layer membership-derived org_id. There is no firestore.rules file in the repo — isolation is defense-in-depth at the application layer.

What's the per-org cost-cap story?

Per-run cost cap is enforced today. Per-period cap is captured in the schema but inert until the AgentActionLog aggregate-query wiring ships.

How are SoD approvals enforced?

The user who edited an agent definition in the last 24h cannot approve that agent’s next action. The fail-mode is fail-CLOSED: SOD_REQUIRE_AUDIT_AVAILABLE=true is set in production, so an approval is blocked (and the block logged) if the SoD audit context is unavailable.

Where is data hosted?

GCP us-west1. Single-region today; no cross-region failover claim.

What about SOC 2, ISO 27001, HIPAA, FedRAMP?

No active accreditation today. We do not represent ourselves as certified under any framework. Trust posture lives at the Trust Center.

Can we self-host?

No. Managed only.

Bring your control checklist; we’ll walk through the substrate.

Thirty minutes with a Trust Center walkthrough plus an architecture deep-dive on the primitives your platform team will actually grade.