Plugin Design Partner Program

Choose this if you want direct help shaping the plugin rollout

Plugin Design Partner is the right fit when you've installed a plugin, written a starter policy pack, and now need help scaling that into a real rollout: which hooks to trust, what policies to write, how to handle the override / approval workflow, and how to move from "running on my laptop" to "running across the team or org."

Best for solo developers and small teams who already see the value and want to skip the trial-and-error of policy authoring and rollout design
Good fit when you'd rather have a 30-minute call with someone who's seen the failure modes than read four blog posts and stitch it together yourself
If you just want higher limits, longer audit retention, HITL approval gates, and evidence export without a partnership relationship, start with the free Plugin Evaluation License

What to have ready before you apply

A plugin already installed and AxonFlow running locally — even just on your laptop is fine
A specific rollout question: "I want this on my team's machines but I'm not sure how to scope policies", or "I need to convince our security team that the audit trail is enough", or "I keep getting blocked on the same rule and want a real override workflow"
A real codebase or workflow you're using the plugin against — not just demos

What selected partners receive

6 months of AxonFlow Enterprise license, no cost — covers org-wide policies, session overrides, longer audit retention, evidence export, and unlimited HITL approval queue
2 business day SLO priority support — direct line for plugin-specific questions, hook lifecycle issues, MCP integration debugging
30-minute hook lifecycle review — are you wired to the right OpenClaw / Claude / Cursor / Codex hooks for your threat model? Are you missing coverage on tool-result-persist, message-sending, or skill execution paths?
Policy pack scoping session — what fires interactive in IDE vs CI vs pre-merge; severity tiers; per-language gates; MCP-connector-specific rules
Override workflow design — who can override what, TTL strategy, escalation, audit review cadence
IDE / CLI rollout pattern — single-dev → team → org-wide migration path, including where it typically breaks (shared accounts, X-User-Email scoping, multi-tenant org routing)
Private Slack channel for direct communication during rollout
Influence on the plugin roadmap — hooks we add next, policy primitives we expose, override semantics we tighten

This is not a beta program. You get a full Enterprise license with all features, deployed in your environment, with direct engineering support during rollout.

What the first 2 weeks usually look like

We align on the plugin, the threat model, and the rollout blocker you're actually trying to remove (be specific — "make our agents safer" is not actionable; "block destructive shell commands across our coding team without breaking dev flow" is)
We do a hook coverage audit on your installed plugin and identify the highest-leverage policies to add first (and which ones the existing 80+ built-ins already cover)
You walk away with a plugin-specific runbook: which policies to enable, how to scope the override workflow, where to surface audit, and what your compliance team needs to see

Who this is for

Solo developers shipping agent-assisted code who want a defensible audit trail
Small teams (2-20) rolling out a plugin across all developers and need org-wide policy enforcement
Security / platform engineers tasked with making IDE-coupled coding agents safe to use on real codebases
Compliance owners who need to evidence "we enforce policy on AI-generated code / actions" without buying a heavy-weight platform

What plugin teams are working on with AxonFlow

Blocking dangerous shell commands, SQL injection patterns, secrets exfil, and SSRF in tool calls before they execute
Running HITL approval gates on production-mutating tools (deploy commands, infra mutations, prod database writes)
Cross-team org-wide policies that survive individual developer config drift
Audit trails sized for SOC 2 / ISO 27001 evidence windows, exported to compliance pipelines
Override workflows where developers can self-grant a 60-minute, audit-logged, justified bypass instead of disabling the plugin

Name *

Company or team (optional)

Email *

Personal or work email is fine.

Which plugin are you using? *

What rollout problem do you want help with? *

A few sentences about the specific blocker — hook design, policy scoping, override workflow, IDE/CLI rollout, compliance evidence, etc.

Personal email is fine — solo developers welcome. We review applications within 48 hours.

Application received

We review applications within 48 hours.

What happens next

We review your application and the specific rollout problem you described
If selected, you receive your Enterprise license key and private Slack invite
We schedule a 30-minute hook lifecycle + policy scoping review for your plugin

Useful prep while you wait — read the integration walkthrough for your plugin: Claude Code, Cursor, Codex, OpenClaw. Plugin source READMEs: claude · cursor · codex · openclaw.

Not sure this is the right fit yet? If you want to keep things self-serve and run a 90-day evaluation first, request a Plugin Evaluation License. If you already know what rollout problem you want help with, keep going here.

Prefer email? Reach us at [email protected]