
What Customer-Owned AI Actually Means (Pull the Keys and Keep Operating)

Most AI platforms own your agent's runtime. Sovereign doesn't. Here's what customer-owned infrastructure means in practice - and why the 'pull the keys' test is the right way to evaluate any AI deployment.

Author
Prospectr Digital

When we say Sovereign is “customer-owned AI,” we mean something you can verify. Not a marketing claim. A technical condition you can test in five minutes.

Here is the test: pull your API keys and see what happens.

If the platform stops operating - if your agents go dark, your workflows halt, your data becomes inaccessible - the vendor owns your runtime. You were a tenant. You rented the capability. You did not own it.

If the platform keeps operating because the infrastructure is in your cloud account and the agent runtime is in your custody - that is customer ownership. That is what Sovereign is built on.

The Anatomy of Lock-In

Most business software creates lock-in through data gravity. Your history, your contacts, your configurations accumulate inside the vendor’s system. Switching is painful because migration is painful. But the model is transparent: you know you’re in a walled garden.

AI platforms introduce a new and less obvious form of lock-in: runtime dependency. The agent runs on the vendor’s compute. The agent’s memory lives in the vendor’s database. The agent’s reasoning passes through the vendor’s model router. The agent’s credentials - the API keys that let it access your Gmail, your CRM, your QuickBooks - are held by the vendor in their secrets vault.

You are not just importing your data into their system. You are wiring your business operations through their infrastructure.

When they raise prices, you pay. When they deprecate a model version, your agent’s behavior changes. When they go down, your operations go down. When they decide to change their terms of service, you renegotiate from a position of complete dependence.

This is not hypothetical. It is the standard commercial relationship for every major AI platform operating today.

How Sovereign Is Structured

Sovereign is deployed into your AWS account. Not our AWS account with your subdomain on it. Your account. The separation is not cosmetic.

Your infrastructure, your costs. The ECS Fargate cluster that runs the agent, the EFS volume that holds agent state, the Aurora PostgreSQL database that stores plans and memory - all of it provisions into your AWS account. Your AWS bill. We deploy; you own.

Your secrets, your keys. Every credential the agent uses - Anthropic API key, Google OAuth tokens, CRM integration keys, Instantly API credentials - lives in AWS Secrets Manager in your account. Not in our secrets manager. Not in an environment variable we control. Your Secrets Manager. Your IAM policies govern access. We never see the plaintext values.

Your data, your logs. The agent’s execution logs, the plan tables, the memory KV store - they live in your Aurora cluster and your S3 bucket. We can access them for support and debugging only with your permission. The data does not replicate to our infrastructure.

Your model access, your costs. Sovereign uses a hybrid model architecture because it produces the best outcomes at the best cost. Bedrock-hosted models (Sonnet, Haiku, Nova) run inference in your account at Bedrock rates. Direct Anthropic API calls - used only for the highest-reasoning workloads, currently Claude Opus - use an API key in your Secrets Manager and bill to your Anthropic account.

You control both. You can swap models. You can opt out of direct Anthropic API calls and run pure-Bedrock if you prefer a single-vendor model access path. The routing logic is in the agent configuration you own.
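The custody claims above ("Your IAM policies govern access", vendor access "only with your permission") can be checked by reading the policies themselves. The following is an added example, not Prospectr's or Sovereign's code: it scans IAM role trust policies and Secrets Manager resource policies for Allow statements that name principals outside your account. The account IDs, role names and policy documents are constructed; in practice the JSON would come from `aws iam get-role` and `aws secretsmanager get-resource-policy`.

```python
import re

MY_ACCOUNT = "111111111111"      # constructed: the customer's own account ID
ARN_ACCOUNT = re.compile(r"^arn:[^:]*:[^:]*:[^:]*:(\d{12}):")

def principal_values(principal):
    """Yield (kind, value) pairs from an IAM Principal element."""
    if principal == "*":
        yield ("AWS", "*")
        return
    for kind, values in principal.items():
        for value in ([values] if isinstance(values, str) else values):
            yield (kind, value)

def account_of(value):
    """Return the account ID a principal names (bare ID or ARN), else None."""
    if re.fullmatch(r"\d{12}", value):
        return value
    match = ARN_ACCOUNT.match(value)
    return match.group(1) if match else None

def external_access(policy, my_account=MY_ACCOUNT):
    """Find Allow statements whose AWS principals are not provably my_account."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    findings = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or "Principal" not in stmt:
            continue
        for kind, value in principal_values(stmt["Principal"]):
            # Service principals (ecs-tasks.amazonaws.com) are AWS services, not other accounts.
            if kind == "AWS" and account_of(value) != my_account:
                findings.append({"sid": stmt.get("Sid"), "principal": value,
                                 "conditioned": "Condition" in stmt})
    return findings

# Constructed sample: task role trust policy that also admits a vendor support role.
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "Tasks", "Effect": "Allow", "Action": "sts:AssumeRole",
     "Principal": {"Service": "ecs-tasks.amazonaws.com"}},
    {"Sid": "VendorSupport", "Effect": "Allow", "Action": "sts:AssumeRole",
     "Principal": {"AWS": "arn:aws:iam::999999999999:role/vendor-support"},
     "Condition": {"StringEquals": {"sts:ExternalId": "constructed-id"}}}]}
# Constructed sample: secret resource policy readable only from the owning account.
SECRET_POLICY = {"Version": "2012-10-17", "Statement": {
    "Sid": "OwnAccount", "Effect": "Allow", "Action": "secretsmanager:GetSecretValue",
    "Principal": {"AWS": "arn:aws:iam::111111111111:role/agent-task"}, "Resource": "*"}}

if __name__ == "__main__":
    for name, doc in (("trust", TRUST_POLICY), ("secret", SECRET_POLICY)):
        print(name, external_access(doc))
```

An empty result covers resource-side grants only. Any role an outside account is allowed to assume still has to be reviewed for what its attached identity policies let it read.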

The Hybrid Model Architecture

The choice of hybrid Bedrock plus direct Anthropic API is not an accident. It reflects a specific tradeoff we made deliberately.

Anthropic publishes its flagship Opus model on Amazon Bedrock, but typically on a two-to-six-week lag behind the direct API release. For volume workloads - inbox triage, lead classification, campaign monitoring, routine ops - that lag is irrelevant. Cost and speed are what matter, and Bedrock-hosted Haiku and Sonnet are excellent at those jobs.

For high-stakes reasoning - writing client-facing copy, making financial decisions, handling complex ambiguous situations - you want the latest Opus. Two to six weeks matters when the difference is a meaningful capability improvement.

The hybrid path gets you both: Bedrock economics for volume, direct API for the flagship model on high-reasoning work. Because your Anthropic API key lives in your Secrets Manager, you are not routing that traffic through our account. Anthropic sees you as the customer. The billing relationship is direct.

The pull-the-keys scenario, made concrete:

Suppose you decide to stop working with Prospectr - for any reason. What happens to your Sovereign deployment?

  • The ECS cluster keeps running in your account.
  • The agent’s plans and memory stay in your Aurora database.
  • The Bedrock models keep running in your account - no dependency on Prospectr.
  • The direct Anthropic API key is in your Secrets Manager - no dependency on Prospectr.
  • Your integrations (Google Workspace, CRM, QBO) are connected via tokens in your Secrets Manager - no dependency on Prospectr.

You change the Prospectr-managed credentials. You update the agent’s SOUL configuration if you want different behavior. You keep operating.

We can’t lock you in because we don’t hold the keys.

How This Compares to Closed Platforms

Let us be direct about what the alternatives look like.

Software-as-a-Service AI employees (HyperAgent, typical no-code AI platforms, many “AI Operations” tools) run on the vendor’s compute with the vendor’s model routing. They may connect to your accounts via OAuth, but the agent runtime - the thing that actually executes work - is on their servers. Pull your OAuth tokens and the agent stops. The agent’s memory, the plan history, the execution logs - they are in the vendor’s database. You have access to whatever exports they choose to provide.

Model interfaces with memory features (ChatGPT Team, Claude Projects, Gemini Workspace) give you persistent conversation history within their platforms. That is not the same as durable agent state. It is context - useful context - but not a structured execution log, not a plan table, not a task queue that survives cold starts. And the runtime is theirs.

Self-hosted open-source options (n8n, Flowise, custom LangChain deployments) offer infrastructure ownership but require significant engineering investment to operate at production quality. The orchestration layer, the state management, the model routing, the monitoring - you build all of it. Sovereign gives you the production-grade version of what you would build if you had the engineering team to do it.

What “Capability Transfer” Means

Sovereign’s pitch is not just that you own the infrastructure. It is that you own the capability.

When we train a Sovereign Agent for a client, we are not building a proprietary black box that only we can operate. We are deploying a configurable agent runtime and writing the SOUL files, skill configurations, and operational playbooks that define how the agent behaves. Those documents live in your deployment. They are readable. They are editable. They are yours.

If you want to hire an engineer to extend the agent’s capabilities, everything they need is in your account. If you want to train the agent to handle new roles, the process is documented and repeatable. If your team wants to understand exactly what the agent is doing and why, the execution logs tell the whole story.

We built Sovereign as Prospectr’s internal operations platform before it was a product. We run our own business on it - 225+ active clients, 40+ verticals, 882 active campaigns. The transparency we built for ourselves is the same transparency you get.

The Right Question to Ask Any AI Vendor

Before you sign any contract with an AI platform, run the pull-the-keys test against their architecture.

Ask: if I remove my OAuth tokens and walk away today, what happens to the agent’s memory and execution history?

Ask: is the agent runtime running in my cloud account or yours?

Ask: who holds the API keys my agent uses to access my own systems?

Ask: if you raise prices 40% next quarter, what does my migration path look like?

The answers will tell you whether you are a customer or a tenant.


If you want to see what a customer-owned deployment looks like for your specific infrastructure, book a Sovereign discovery call. We will walk through the AWS architecture, the secrets management model, and the hybrid model strategy against your use case.

You can also review the Sovereign Agent technical overview or pricing for both deployment paths.
