About Orisan
We build where AI needs an approval record.
Orisan builds security infrastructure for AI-assisted software development. We focus on the new risks created when agents read repositories, inherit instructions, and act through local tools.
Scout is the first active product: a local-first CLI that generates repo-level approval evidence for AI coding agents.
The problem
AI agents changed the boundary of the repository.
Repositories no longer hold only source code. They now hold agent instructions, tool configuration, MCP server access, automation rules, and context that can shape what AI systems do next.
Why Orisan
Infrastructure for the approval moment.
01
Agent-aware from day one
Orisan starts from how AI agents actually work inside repositories: inherited instructions, local tools, MCP servers, and the quiet permissions around them.
02
Local-first where it matters
Teams should not have to upload source code to understand whether their AI tooling is creating risk.
03
Evidence before theater
We care less about broad AI claims and more about specific findings that engineering and security reviewers can act on.
Values
Operating model
Study where AI agents touch repositories, instructions, tools, and developer workflows.
Define the risk model in language engineering and security teams can share.
Build local-first checks that surface exposure without source upload.
Turn useful evidence into an approval artifact teams can run before agent risk reaches production.