GOVERNANCE

Control what agents can reach. Keep authority in your business system.

Bailing AI does not bypass your permission model. It signs tool calls, carries the on-behalf-of subject, records trace and audit data, and lets your backend make the final business decision.

Allowlist by route

Each route exposes only the tool scopes it explicitly allows.

Risk and confirmation

Use low, medium, high, confirm-required, and parameter-level rules to model business risk.

Signed tool calls

Tool calls include HMAC signatures, timestamps, job id, tool name, and on-behalf-of subject.

Audit and trace

Every important runtime event is recorded for debugging, compliance review, and replay analysis.

Design tools with governance from day one.

Tool governanceApprovals