Governance

Control who can ask agents to do what, where, and with which evidence.

Enterprise agent adoption depends on permission, review, proof, and rollback. The governance plane is designed to make agent behaviour visible and bounded.

Controls

Policies before autonomy.

Agents should not gain broad access because they are useful. They should receive specific access because the task, user, environment, and approval path justify it.

Identity

SSO direction, role mapping, workspace membership, and human ownership for each run.

Approval gates

Human checks before PR creation, deployment, sensitive commands, external calls, or stateful changes.

Secrets handling

Scoped credentials, masked logs, non-model-visible secrets, and clear separation between instruction context and execution context.

Auditability

Record prompts, commands, file changes, tool calls, tests, screenshots, decisions, and handoff artefacts.

Network boundaries

Allow only the systems required for a run, with stronger boundaries for production, client, and regulated data paths.

Cost controls

Usage budgets, runtime limits, model routing, GPU allocation policy, and alerts for unusual activity.

Audit record

Every completed run should leave a reviewable evidence pack.

  1. IntentTask and requester
  2. BoundaryWorkspace policy
  3. ActionCommands and tools
  4. ChangeDiffs and artefacts
  5. EvidenceTests and screenshots
  6. DecisionApproval or rejection