Jozu works with the pipeline tools you already use. The platform integrates with Jenkins, GitLab CI, GitHub Actions, Dagger, and OpenShift pipelines. Models are packaged via the Kit CLI or Python SDK, stored in your existing registry using OCI standards, scanned for security issues, then deployed through your normal ML pipeline automation workflows. Jozu fits into your stack rather than replacing it - you keep your existing tools and authentication while adding security scanning, signed packaging, and attestation-based deployment gates. ModelKit CI/CD operations use standard commands that work in any pipeline environment.

Yes. Model scanning happens automatically when ModelKits are pushed to Jozu Hub. The platform performs checks for code injection, backdoors, data poisoning, prompt handling, and adversarial attacks. Security scan results are tracked per version, and you can download audit logs for compliance checks. Jozu can block deployments or pulls if SHA digests don't match signatures, ensuring only validated models reach production. This automated validation replaces manual security reviews that slow down deployment cycles.

ModelKit Kubernetes deployment follows a straightforward process: Jozu auto-generates deployment artifacts including inference containers and Kubernetes manifests from your ModelKits. Your CI/CD ML deployment pipeline pulls the signed ModelKit, Jozu validates the SHA digest against the signature, and if validated, deploys to your Kubernetes clusters. Automated model deployment supports any cloud or on-premises Kubernetes distribution.

Jozu Hub packages models, datasets, codebases, and documentation as OCI Artifacts. Each component becomes a layer in the OCI artifact, enabling efficient storage and transfer since unchanged layers are deduplicated and don't need re-uploading or storage. Jozu’s OCI compliance means ModelKits work with any registry that supports OCI standards. The platform can even add SPDX 3 software bill-of-materials and signed provenance attestations to each package, creating an OCI model registry that maintains full lineage and audit trails while remaining compatible with your existing container infrastructure.

OCI ML benefits come from leveraging proven container infrastructure rather than building new systems. Unlike Git LFS, OCI provides efficient layer-based storage (unchanged components aren't re-uploaded), built-in versioning through tags and digests, cryptographic verification of content, and native support in Kubernetes. Container standards means your DevOps teams already know the tooling and workflows. Previous approaches scattered models across Git, S3, and experiment trackers - creating audit nightmares and unclear rollback processes. OCI-based ModelKits provide a single artifact with complete provenance that moves through your existing registry and deployment infrastructure.

Agent Guard packages MCP servers as OCI artifacts with cryptographic signatures and attestations. Policies control which agents can call which tools, with what parameters, under what conditions. Your IDE (VS Code, Cursor, Claude Desktop) points to Jozu Hub as its MCP registry for centrally curated, security-scanned servers.

The agent is denied. Agent Guard fails closed — missing data or evaluation errors result in denial, not pass-through. For high-risk actions, ToolPolicy triggers human-in-the-loop confirmation. Every decision is logged in the tamper-evident audit trail.

Yes. Policies travel as OCI artifacts alongside the agents they govern and enforce locally with no connectivity to a central controller. Audit logs sync to Hub when connectivity is restored. This is a primary differentiator for defense, edge, and DDIL deployments.