OSuite Exchange
OSuite extends runtime-neutral governance through a curated plugin exchange. The goal is platform expansion with trust, not an open marketplace that dilutes control.
The exchange is intentionally curated. OSuite modules can be official, curated partner, or strategic watchlist entries. This keeps high-assurance workspaces from inheriting marketplace noise.
Every plugin listing resolves to an OSuite plugin manifest and exchange signature. Workspaces enable plugins with explicit scopes such as identity.attest, security.scan, compliance.map, or trust.anchor.
Plugins can contribute runtime decisions, trust materials, or compliance signals, but they do not replace the action certificate. Replay, approval routing, proof closure, and export authority remain inside PCAA.
The first wave includes OSuite Identity Authority, OSuite Zero-Trust Gateway, OSuite Runtime Security, OSuite Verifiable Trust, OSuite ESG Intelligence, and OSuite Enterprise Governance.
Build new OSuite modules through the plugin SDK, submit them into the internal review queue, and publish them under signed manifests with workspace-scoped enablement and audit events.
Essential cookies keep sign-in and workspace routing stable. You can separately choose Analytics cookies and Preference cookies.