Security
Runtime controls that map directly to agent attack surfaces
AgentGuard is built around the places where agentic systems fail in practice: untrusted context, privileged tool chains, risky actions, and missing evidence.
Context classification
Every runtime artifact receives a trust level, risk score, and persisted findings before it can influence downstream actions.
Policy gating
Actions are evaluated against compiled YAML policies with explicit effects and audit events for every decision.
Evidence-first replay
Artifacts, findings, actions, approvals, and incidents stay linked to each run for later investigation.
Tenant boundaries
Tenants, API keys, usage counters, and workspace entities stay isolated while sharing a single codebase.
Brokered secrets
System access is stored encrypted, never shown through normal surfaces, and exposed to agents only through short-lived destination-bound leases.
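A sketch of how a short-lived, destination-bound lease can be checked at the broker, added here as an illustration and not AgentGuard's own code. The HMAC-signed token format, the key, and the names `issue_lease` and `redeem_lease` are assumptions made for this example.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key (assumption); a real broker would keep this in a KMS or HSM.
BROKER_KEY = b"constructed-demo-key-not-a-real-secret"

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_lease(secret_id, destination, ttl_s, now=None):
    """Return an opaque lease that names a secret but never contains its value."""
    now = time.time() if now is None else now
    claims = {"sid": secret_id, "dst": destination, "exp": int(now) + ttl_s}
    body = b64e(json.dumps(claims, sort_keys=True).encode())
    tag = b64e(hmac.new(BROKER_KEY, body.encode(), hashlib.sha256).digest())
    return f"{body}.{tag}"

def redeem_lease(lease, destination, now=None):
    """Return (allowed, reason); the broker runs this before injecting the secret."""
    now = time.time() if now is None else now
    try:
        body, tag = lease.split(".")
        expected = hmac.new(BROKER_KEY, body.encode(), hashlib.sha256).digest()
        # Verify the signature before trusting or parsing any claim.
        if not hmac.compare_digest(b64d(tag), expected):
            return False, "bad_signature"
        claims = json.loads(b64d(body))
    except (ValueError, TypeError):
        return False, "malformed"
    if now >= claims["exp"]:
        return False, "expired"
    # The lease is only valid for the destination it was issued for.
    if claims["dst"] != destination:
        return False, "destination_mismatch"
    return True, "ok"
```

Each rejection reason maps naturally onto an audit event, so a replayed or redirected lease leaves evidence even though the agent never held the secret itself.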