Managed-settings policy
Block models fleet-wide and pin a default — un-bypassable via enforceAvailableModels. Capability cap.
Enforcement, not dashboards Enforce AI-coding spend
Enforce AI-coding spend
on every Mac.
Per-model, per-day, mid-flight budgets — enforced on the endpoint across Claude Code, Cursor, Copilot and Codex. Un-bypassable on managed Macs. Your code and prompts never leave the building.
I'm in
Book a demo Phase 0 — become a design partner Get the free Watch app
Live policy · today
claude-opus-4-8 over — seen, not stopped
$200/day
$0 / $200 estimated (list price)
The same overspend — reported vs enforced.
Visibility isn’t control.
Every other tool
Reports the spend
$0
The number climbs. Nothing stops it. You find out when the bill lands.
watching · over budget GearFive
Enforces it
The budget holds — stopped at the source, on the endpoint, before the spend happens.
held at $200/day Limit · the wedge
Operate real enforcement — before you ever sign up.
Flip one policy and watch it propagate across a managed fleet: blocked models get denied on the endpoint, mid-flight, and auto-routed to a cheaper tier. This is the product, live.
Fleet policy
mb-pro-07 A. Khan
Opus 4.8 $84
DENIED mb-air-03 R. Mendez
Sonnet 4.6 $31
DENIED mb-pro-12 J. Liu
Opus 4.8 $67
DENIED mb-pro-19 S. Patel
Haiku 4.5 $9
DENIED mb-air-08 D. Cole
Sonnet 4.6 $22
DENIED mb-pro-02 T. Rossi
Opus 4.8 $58
DENIED mb-pro-22 N. Gomez
Fable 5 $96
DENIED mb-air-11 E. Stein
Sonnet 4.6 $18
DENIED mb-pro-15 W. Berg
Haiku 4.5 $6
DENIED mb-pro-09 K. Oni
Opus 4.8 $73
DENIED mb-air-05 M. Vance
Sonnet 4.6 $27
DENIED mb-pro-31 H. Diaz
Sonnet 4.6 $24
DENIED Opus 4.8
$282 / $300
Fable 5
$96 / $400
Sonnet 4.6
$221
Haiku 4.5
$15
Local gateway
Per-model and per-$ caps, mid-flight runaway kill, cross-tool. The consumption cap. Hard-locked under MDM.
OS network filter
NetworkExtension on ADE-supervised Macs — enforcement that survives a determined shell. The hard floor.
Per-model budgets
A budget per model — with auto-route. This ships nowhere else.
Set a combined cap on the expensive tier. When it’s reached, agents are killed mid-flight and routed to a cheaper model — same work, lower bill. No provider control, dashboard, or managed setting can express this.
- Fable 5 $10 / $50
- Opus 4.8 $5 / $25
- Sonnet 4.6 $3 / $15
- Haiku 4.5 $1 / $5
per 1M tokens (input / output) · estimated (list price)
$6,000 without enforcement
$4,200 with GearFive
−$1,800 saved / mo
claude-opus-4-8 · live session replay
climbing…
The honest comparison
What actually stops the spend.
Native provider caps are real — just coarse: monthly, per-workspace, single-tool. GearFive makes them precise, real-time, per-model and universal. No row claims a rival “can’t.”
| GearFive | Spend dashboards | Native provider caps | Cloud proxies | |
|---|---|---|---|---|
| Reports spend | ✓ | ✓ | ✓ | ✓ |
| Enforces spend — not just reports it | ✓ | – | ~ real, but coarse | ✓ |
| Per-model · per-day · per-session budgets | ✓ | – | ~ monthly, per-workspace | ~ |
| Mid-flight runaway kill | ✓ | – | – | ~ |
| Cross-tool — Claude Code, Cursor, Copilot, Codex | ✓ on the endpoint | ~ | – single-tool | ✓ if routed |
| Un-bypassable on the endpoint | ✓ via MDM | – | ~ account-level | ~ shell escapes |
| Code & prompts never leave the device | ✓ | ✓ | ✓ | ✕ routes your code |
Native caps are real — GearFive makes them precise, real-time, per-model and universal.
Watch · the free on-ramp
Accurate enough to argue with Finance.
Most local tools undercount your real spend. GearFive reads every transcript recursively, prices cache by its true TTL, and reconciles to within 0.0% of the actual Console bill.
- Recursive metering Reads sub-agent & workflow transcripts a flat listing silently drops — the difference between a ~10× undercount and the truth.
- Cache priced by TTL 2× 1-hour cache write1.25× 5-minute cache write0.10× cache read
- Honestly labeled Every figure is tagged estimated (list price) or billed (Cost API) — never conflated. Subscription plans expose no billed feed; only the org/admin path does.
June reconciliation
$1,204
estimated (list price)
A $7 gap on a real account — the local estimate vs the billed truth, shown side by side, never swapped.
List prices · per 1M tokens
| Model | Input | Output |
|---|---|---|
| Fable 5 | $10 | $50 |
| Opus 4.8 | $5 | $25 |
| Sonnet 4.6 | $3 | $15 |
| Haiku 4.5 | $1 | $5 |
estimated (list price) · the free Watch app seeds the org sale.
Privacy · the moat
Govern without your code leaving the building.
GearFive reads the agent’s logs on the device and enforces on the device. Only aggregate metadata — token counts, model IDs, dollar estimates — ever crosses the line. Source and prompts never do.
A cloud proxy routes your source through a third party to control it. GearFive controls at the endpoint, so it doesn’t have to.
SSO · RBAC · SOC2 on the way for the org tier.
Improve · the loop
Turn waste into policy you can enforce.
GearFive finds the overspend, estimates what it costs, and turns each finding into a one-click enforced policy — flowing straight back into Limit. Watch → Improve → Limit closes the loop.
Opus-by-default on small edits
$640/mo218 sessions in repo `web-admin` used Opus 4.8 for one-line edits Sonnet 4.6 handles.
→ Default repo `web-admin` → Sonnet 4.6
✓ Policy enforced — pushed to the fleet
Idle cache churn
$310/moPrompt churn invalidated 1-hour cache writes — paying the 2× write, never the 0.10× read.
→ Alert on cache-hit ratio < 40%
✓ Policy enforced — pushed to the fleet
Spend on rejected edits
$380/moA third of last month’s spend on one repo went to edits the developer rejected — paid for, then discarded.
→ Flag repos where rejected-edit spend tops 25%
✓ Policy enforced — pushed to the fleet
Land & expand
17 of your engineers already run GearFive.
The free Watch app spreads bottom-up. When you’re ready to enforce, the fleet is already there — and the identity bridge turns those installs into the org rollout. No rip-and-replace.
Illustrative — no data leaves your browser.
“We blocked Opus fleet-wide in an afternoon and our AI line item stopped scaring me.”
Platform lead · design partner Book a demo Phase 0 — become a design partner Get the free Watch app
Deployment · the moat
Un-bypassable needs MDM. That’s the moat, not a limitation.
GearFive ships through the management you already run — Jamf, Kandji, Intune — on ADE-supervised Macs: the policy file, the admin helper, the system extension. A consumer tool can’t replicate non-removable enforcement. And it’s reversible: an admin lifts policy in one authorized action.
JamfKandjiIntune ADE-supervised
Managed — policy enforced
The cap holds — devs can’t switch back to the blocked model.
You just saw it work.
Now do it for real.
Lock every managed Mac to the models and budgets you approve — enforced on the endpoint, with nothing leaving it.
Book a demo Phase 0 — become a design partner Get the free Watch app
Free Watch on-ramp · talk to us about enforcement. Pricing scales with what you manage — no per-seat table to price-shop.