NORNR mark NORNR Govern one consequential tool call before it becomes normal runtime behavior.
Control room

NORNR / OpenAI runtime gate

Productized package

Put one OpenAI Agents tool call behind policy before it can create spend.

This package is the cleanest runtime story for teams already using OpenAI Agents SDK. Pick one consequential tool call, make NORNR decide whether it should run, and keep one defended record when it does.

OpenAI approval rules guide Open one-lane installer

The right first runtime package is not “govern every tool.” It is one paid or consequential tool lane with one decision path, one review path and one defended record.

Package shape

One runtime spend gate, not a framework-wide rewrite.

The package should be easy to understand, easy to start and easy to prove in front of a buyer.

Scoped lane

Choose one tool call that can become paid usage or a vendor action

Do not start by wrapping the whole runtime. Start with the one call that can create cost or consequence today.

Policy decision

Approved, queued or blocked before the runtime clears the action

The model can still reason. NORNR only decides whether this tool action may continue under the current owner mandate.

Review owner

One operator or finance reviewer owns the queue above threshold

The package becomes buyer-safe when the escalation owner is explicit and the reason lands in one queue item.

Defended record

The tool call should still end in one exported record later

Runtime-native only matters if finance, risk and audit can still reuse the same path afterward.

Install-first path

Make the OpenAI lane feel official from the first command.

Starter, pack, guide chain and outputs should all line up without the team having to improvise the posture model.

Starter

Copy-paste the official OpenAI lane

bash 
nornr init openai-agents --owner runtime-agent
Default pack

openai-tool-governed

Start with one threshold, one counterparty posture and one explicit review owner for the single consequential tool lane.

What it proves

OpenAI Agents can stay native while NORNR becomes the control layer above them.

That is the commercial point of the package: keep the runtime, change the decision and proof posture.

01

Agent proposes one tool action

Amount, purpose and counterparty enter before the call runs.

02

NORNR evaluates the mandate

The tool call is checked against threshold, counterparty and policy posture.

03

Runtime clears or queues

Low-risk cases stay fast. Higher-risk cases route into review without breaking the runtime shape.

04

Review resolves from one queue

The reviewer sees the reason, not a separate reconstruction.

05

Execution and receipt trail stay attached

If approved, the resulting action still lands in the same governed record.

06

Finance exports the same path later

The package is complete only when close and audit still read cleanly afterward.

Adjacent packages

Use one runtime gate to open the rest of the stack.

Once one OpenAI tool lane is governable, the next strongest moves are LangGraph approval branching, browser checkout and finance close packet export.

Orchestration LangGraph approval branch

Carry the same control model into a graph edge that can reach consequential action.

 Finance Finance close packet

Prove the tool lane still exports cleanly after the runtime step settles.

 Design partner Bring one consequential tool call

Best fit when you can point to one runtime action already close to real spend.