Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
consensus.tools positions itself as a “Decision Firewall for AI Agents.” It is not a large language model or chat application, but governance infrastructure inserted between an Agent “proposing an action” and the system “actually executing” it. A typical flow is: the Agent proposes an action, the Guard evaluates risk, multiple personas or models vote, a consensus policy returns ALLOW, BLOCK, REQUIRE_HUMAN, or REWRITE, and the entire process is written to an audit log.
Its core consists of guards, consensus policies, human-review escalation, and an audit ledger. Built-in scenarios cover code_merge, deployment, send_email, support_reply, permission_escalation, publish, agent_action, and more. The consensus layer offers 9 algorithms, including majority voting, reputation-weighted voting, human-in-the-loop, trusted arbitration, highest confidence, and others. It also supports human-review notifications via Slack, Teams, PagerDuty, etc., and can store actions, votes, risk scores, final decisions, and human intervention records in a SQLite append-only ledger.
The integration options are fairly comprehensive: CLI, Node.js SDK, REST API, MCP, and Runtime Wrapper are all mentioned, allowing it to be embedded into CI/CD, TypeScript applications, Claude Code/Cursor, or Agent frameworks. The documentation lists integrations with OpenAI Swarm/Agents, Vercel AI SDK, Claude Agent SDK, Mastra, LangChain, CrewAI, AutoGen, AutoGPT, LlamaIndex, and more. On privacy, it supports fully local operation, no account requirement, air-gapped environments, self-hosting, and a local SQLite ledger, which should be attractive for internal enterprise Agent governance.
The main content shows that the project uses the Apache 2.0 open-source license. The CLI, guard packages, and agent skills can be installed and run locally. No commercial-edition pricing, hosted-service billing, or free-tier information was found. Chinese-language support is not clearly described; the site content and code examples are in English, meaning teams in China should expect some cost in reading English documentation and adapting the engineering integration.
Its strengths are a clear governance model covering the policies, voting, human review, auditing, and observability needed for high-risk automated actions. It is also open source, self-hostable, and rich in interfaces. The limitations are that it is not a ready-to-use SaaS for ordinary users; real-world deployment depends on teams defining their own policies, connecting workflows, and maintaining guard rules. The crawled information also shows 0 stars and 0 npm weekly downloads, so ecosystem maturity still needs to be validated. It is better suited to engineering and security teams already using Agents for PR merges, deployments, customer support, data access, or finance/healthcare/legal workflows.
The crawled text does not provide information on mainland China access, ICP filing, nodes, or payment methods, so this remains unknown. Since it can mainly be deployed locally, it should theoretically run inside an internal network if GitHub/npm can be accessed and dependencies can be pulled. If network restrictions are an issue, alternatives such as internal CI approval flows, LangGraph/LangSmith, Guardrails AI, or a self-developed policy gateway may be considered.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on consensus.tools official site.
consensus.tools is an United States AI Apps provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach consensus.tools directly.