# Gostly

> Gostly is an HTTP proxy that learns from real traffic and replays it to simulate external service dependencies in development and testing. It removes the need for hand-written mocks and stubs by recording real API behavior and serving it back with structural redaction, tenant-aware persistence, and an AI-only-at-the-edge match cascade.

AI codegen tools: each page below is also available as raw markdown at the corresponding `.md` URL under `/docs/` (for example, `/docs/quickstart` is served at `/docs/quickstart.md`).

## Pages

Top-level marketing surface, including security and architecture posture.

- [Gostly](https://gostly.ai/): Gostly is an HTTP proxy that learns from real traffic and replays it to simulate external service dependencies in development and testing.
- [Use cases](https://gostly.ai/use-cases): Concrete development and testing scenarios Gostly is built for: cold-start CI without upstream credentials, deterministic test environments, and offline replay of recorded traffic.
- [Architecture](https://gostly.ai/architecture): How the Gostly stack fits together: agent (Rust HTTP proxy), API (Python control plane), inference server, and dashboard. All self-hosted; only telemetry counters and license issuance reach Gostly's cloud.
- [Security](https://gostly.ai/security): Structural security invariants by construction: REDACT_FLOOR header stripping at capture, per-tenant Postgres RLS, customer self-hosted deployment with no payload data leaving the customer's infrastructure.
- [Clean-room runbook for Claude Skills](https://gostly.ai/features/clean-room): Step-by-step runbook for wiring Claude Skills against Gostly-served mocks instead of live upstream APIs. Capture real traffic, switch to mock mode, point your skill at the local proxy — deterministic, sealed, auditable by construction.
- [Agent runtime](https://gostly.ai/features/agent-runtime): Gostly as the deterministic agent runtime layer: byte-equivalent upstream replay, pre-execution policy gate, and cryptographically logged decision trace around AI agent tool calls. Self-hosted; no LLM in the request hot path.
- [Partners](https://gostly.ai/partners): Integration and reseller partners for Gostly, with focus on regulated and latency-sensitive verticals.
- [Test AI agents](https://gostly.ai/test-ai-agents): Your agent isn't deterministic. Your tests need to be anyway. Gostly records real upstream traffic once and replays it byte-for-byte so the only variable in your agent run is your agent code — same response every test run.
- [Record and replay HTTP traffic](https://gostly.ai/record-and-replay-http): VCR, Betamax, and Polly.js record HTTP calls inside one test runner in one language. Gostly does it at the proxy layer — language-agnostic, structurally redacted, stateful, multi-service.
- [Contact](https://gostly.ai/contact): Contact information for sales, support, and security review.
- [Register](https://gostly.ai/register): Create a Gostly account. Free, Pro, and Team tiers; SSO (SAML, OIDC), 4-role RBAC, and audit log on Team.
- [Privacy policy](https://gostly.ai/privacy): Gostly's privacy policy.
- [Terms of service](https://gostly.ai/terms): Gostly's terms of service.
- [Telemetry](https://gostly.ai/telemetry): Schema of the opt-out-able usage telemetry the agent emits, and the single environment variable that disables it. Bodies and raw identifiers are never transmitted.

## Docs

Product documentation: install, configuration, and operating the proxy.

- [Docs](https://gostly.ai/docs): Gostly product documentation index.
- [Quickstart](https://gostly.ai/docs/quickstart): Get Gostly running with Docker Compose, record real API traffic, and switch to MOCK mode for deterministic replay.
- [How it works](https://gostly.ai/docs/how-it-works): The LEARN -> MOCK pipeline, the four operating modes, the match cascade from exact match to AI inference at the edge.
- [Proxy setup](https://gostly.ai/docs/proxy-setup): Configuration for the Gostly HTTP proxy: multiple upstreams, TLS termination, CI integration, chaos injection.
- [Configuration](https://gostly.ai/docs/configuration): Full reference for every environment variable, configuration file, and runtime option.
- [API Reference](https://gostly.ai/docs/api): Complete control-plane HTTP API reference — authentication, idempotency, error envelope, pagination, rate limits, and every endpoint grouped by feature surface.

## Blog

Engineering and product writing — security model, architectural rationale, comparisons.

- [Blog](https://gostly.ai/blog): Gostly engineering and product blog index.
- [How Gostly handles security](https://gostly.ai/blog/security): How Gostly scrubs credential headers and PII on every disk and shipped sink by default, and enforces tenant isolation in the database itself.
- [Why choose Gostly](https://gostly.ai/blog/why-choose-gostly): The deterministic-contract wedge: why traffic-derived mocks beat hand-written stubs for development and CI.
- [Deterministic results in Agentic Workflows](https://gostly.ai/blog/deterministic-results-in-agentic-workflows): Why an LLM in the replay path is a coin flip, and how a deterministic substrate makes agent tests reproducible by construction. The three patterns we use, and what we don't.

## Compare

Side-by-side comparisons with other API-mocking and contract-testing tools.

- [Gostly vs Hoverfly](https://gostly.ai/compare/hoverfly): How Gostly differs from Hoverfly: learning from real traffic, structural redaction, AI-only-at-the-edge match cascade.
- [Gostly vs Microcks](https://gostly.ai/compare/microcks): How Gostly differs from Microcks: contract-light, traffic-derived, structural security model.
- [Gostly vs Mockoon](https://gostly.ai/compare/mockoon): How Gostly differs from Mockoon: real-traffic learning vs hand-built mocks, with tenant-aware persistence.
- [Gostly vs Optic](https://gostly.ai/compare/optic): How Gostly differs from Optic: serving replay traffic to a running application vs documenting API drift.
- [Gostly vs Postman](https://gostly.ai/compare/postman): How Gostly differs from Postman Mock Servers: in-process replay, tenant isolation, no manual mock authoring.
- [Gostly vs Prism](https://gostly.ai/compare/prism): Prism mocks your OpenAPI spec. Gostly records your real upstream and replays it byte-for-byte. Polymorphism, drift, and stateful flows where Prism falls short.
- [Gostly vs WireMock](https://gostly.ai/compare/wiremock): How Gostly differs from WireMock: traffic-derived libraries, structural redaction, and an AI-at-the-edge match cascade rather than hand-written stub mappings.
- [Gostly vs Microsoft AGT](https://gostly.ai/compare/microsoft-agt): How Gostly differs from Microsoft Agent Governance Toolkit: AGT enforces policy at the agent boundary; Gostly proves behavior matches contract via deterministic upstream replay and signed audit trail.
- [Gostly vs AWS AgentCore](https://gostly.ai/compare/aws-agentcore): How Gostly differs from AWS AgentCore Policy: Gostly is transport-agnostic and multi-cloud, with byte-equivalent upstream simulation rather than Bedrock-bundled policy gating.
- [Gostly vs Datadog LLM Experiments](https://gostly.ai/compare/datadog-llm-experiments): How Gostly differs from Datadog LLM Experiments: deterministic pre-deploy regression signal at the agent-to-API boundary, complementary to Datadog's post-deploy observability.