Kilo has launched KiloClaw for Organizations, a managed version of its OpenClaw platform aimed at enterprises seeking more control over how employees deploy AI agents for tasks such as repository monitoring, email drafting, and calendar management.
Co-founded by GitLab co-founder Sid Sijbrandij and Scott Breitenother, Kilo is building open-source coding and AI agent tools and is gaining attention by packaging that technology into managed services for enterprise use.
The new offering includes enterprise features such as single sign-on, SCIM provisioning, centralized billing, usage analytics, and admin controls, while shifting agent workloads from employee-managed infrastructure to managed environments with scoped access.
“Instead of agents running on developer-managed infrastructure with personal credentials, KiloClaw for Organizations runs agents in managed environments with scoped access and org-level controls,” the company said in a blog post.
The company also said it is encouraging organizations to give agents separate, limited-permission identities, such as scoped email and GitHub accounts, rather than allowing them to operate through employees’ own credentials.
KiloClaw for Organizations will be priced on a usage basis, with customers paying only for compute and inference consumption, either through their own model keys or via Kilo Gateway credits.
Enterprise implications
Kilo is targeting a problem many enterprises are only starting to confront: personal AI agents as the next form of shadow IT.
Omdia chief analyst Lian Jye Su said the rise of unmanaged orchestration tools represents a significant security gap. Without centralized oversight, such agents can create compliance blind spots and increase the risk of data leakage through untracked vulnerabilities.
“Right now, some of the biggest governance gaps we observe include a complete lack of transparency, credential sprawl, poor policies and guardrails, and siloed systems,” Su said.
Neil Shah, vice president for research at Counterpoint Research, said the trend mirrors the earlier bring-your-own-device wave, when personal devices entering the enterprise had to comply with IT policies before they could access company systems.
“There is a need for clear governance and transparency around what data and applications AI agents will access, manipulate, store, and automate,” Shah said. “This is what Kilo is trying to solve with multiple enterprise-grade integrations, admin controls, access controls, and usage analytics. This is a step in the right direction toward bringing enterprise-grade Claw agents into the workplace to drive personal productivity.”
Still, features such as SSO and SCIM are likely to be seen as baseline enterprise requirements rather than major differentiators. Buyers evaluating agent platforms for production use are likely to look for stronger controls around governance, compliance, and oversight.
Su said enterprises will need additional safeguards before deploying AI agents in production.
“Managed environments, especially sandboxes, ensure performance and security by design and should be deployed with an agent registry to ensure digital identity, access control, and capability mapping,” Su said. “Other recommended technical and operational safeguards include data governance, compliance and certification, and human-in-the-loop oversight.”
The dual-identity model
Kilo’s approach raises a broader question for enterprises about whether AI agents should eventually be managed less like software tools and more like digital workers.
That model is plausible, and may ultimately become necessary as agent use expands inside large organizations, according to Su.
“The dual-identity vision is forward-looking, plausible, and mandatory,” Su said. “The agent should be linked to a human worker to ensure accountability, proper authorization, access control, and human oversight. This means enterprises need to be equipped with identity and access management solutions, agent-specific observability and telemetry solutions, zero-trust security, and regular red-teaming to ensure agent reliability.”
Go to Source
Author:
