Change-Request Compliance Agent
An agent that sanitizes enterprise change requests, scores compliance, and plugs straight into the ITSM workflow — with a full audit trail and zero PII leakage.
At a glance: Ethereal built an assistant for a company's IT team that reviews requested system changes, scores how well each one follows policy, and files its verdict directly in the team's existing tracking system with a full record of every decision. It strips out sensitive internal details first, so private information never leaks.
The Problem
Change requests must be sanitized and compliance-scored before approval. Manual review is slow and inconsistent — and every review is a PII-leak risk.
Hundreds of change requests weekly outpace human review, so weak plans get rubber-stamped.
Most failed changes trace back to vague, incomplete backout plans that reviewers never catch.
Requests carry internal IPs and hostnames that cannot be sent to an external model without a compliance breach.
The Solution
We built an agent that sanitizes change-request data automatically, scores compliance against policy, and plugs into the enterprise ITSM workflow, writing a complete audit trail for every decision.
Sanitization Middleware
A Python layer sits between ITSM and the model, stripping identifiers before inference.
Grounded Prompting
Few-shot gold-standard plans anchor the model to the organization's real IT policies.
Writeback
Re-identified feedback returns to the ticket as a private, human-verifiable comment.
Reasoning Engine
One LLM scores compliance and coaches the plan, never touching raw PII.
The agent advises rather than auto-rejects, so engineers self-correct before the review board.
Internal IPs and hostnames are replaced with tokens before any data reaches the model.
Only anonymized logic leaves the perimeter; network topology never does.
Scoring is anchored to approved reference plans, not generic internet advice.
Every low score ships with specific, policy-based reasons for the deduction.
Output is framed as advisory and requires a reviewer's sign-off before action.
Scores and feedback post as durable ticket comments for a full compliance record.
The Outcome
Automated, auditable change validation — consistent scoring, faster approvals, and no PII leakage.
Built with
05 technologiesHave an enterprise itsm problem like this?
Tell us what you're building — we'll tell you exactly how we'd ship it.
From the archive

A self-hosted intraday trading cockpit built around one guarantee: your broker keys never leave your machine.

A white-label, multi-tenant CRM with agentic AI baked into every pipeline — customer visibility, role-based workflows, and AI-powered operations in one place.

A clinical skin-health diagnostic experience that turns complex thermography and 3D data into something patients can actually read — clinical yet approachable.
A family of production trading systems — signal bridges, strategy bots, copy-trading, and portfolio rebalancing — running 24/7 with human oversight.