Policy Studio
Tune the guardrails, then replay any recorded run to see exactly what would change.
Guardrails
Scans tool output and retrieved content for instructions that try to hijack the agent (“ignore previous instructions…”) and blocks the run before it acts on them.
Detects SSNs, card numbers, emails and phone numbers in data the agent reads and redacts them before they reach the model or leave the system.
Each agent may only call tools whose required scope it has been granted. Calls outside the allowlist are denied.
Any money-moving action above the per-run budget is paused and routed to a human for approval.
Flags large data reads or exports bound for an external destination and blocks bulk extraction.
Reads from the credential vault always require explicit human approval, even for trusted agents.
No policy difference — this run is governed identically.