AgentBoundary web SaaS

AI-agent identity governance with enforceable boundaries.

AgentBoundary gives every AI agent an identity, owner, purpose, runtime, service identity, tool scope, approval policy, audit trail, and kill-switch plan so teams can govern agent access before it becomes unmanaged production risk.

Status: coming soon. Platform: hosted browser-based SaaS for AI governance and security teams. Connector access is designed to be least-privilege and approval-gated; the current preview uses controlled demo data while workspace integrations are prepared.

AI-agent governance

Governance workflow

Move AI agents from unknown tools to accountable identities.

AgentBoundary is built for inventory, policy enforcement, approvals, review campaigns, kill-switch planning, and retained evidence.

1. Agent passport
2. Policy decision
3. Human approval
4. Kill-switch dry-run
5. Audit evidence

Core capabilities

Know what each agent can do, who owns it, and how to stop it.

The product centers governance around evidence-ready agent passports and deterministic control decisions instead of informal spreadsheets or ad hoc prompt records.

Agent passports

Track identity, owner, purpose, runtime, service account, tool scope, data boundaries, review date, and logging status.

Deterministic policy engine

Return allow, require approval, deny, or alert-only decisions with matching policies and clear next steps.

Approval workflows

Route sensitive tool access, production changes, customer data access, and external-send capability through assigned roles.

Kill-switch planning

Dry-run disablement for service principals, OAuth grants, tool servers, CI/CD references, webhooks, and app access.
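The deterministic policy engine and approval routing described above can be illustrated with a small first-match rule table. The following is an added example written for this page, not AgentBoundary's own code; the passport fields, policy ids, capability names and the approver-role mapping are assumptions, and the sample passport is constructed. The point it shows is that an ordered rule table plus a fixed evaluation order makes the same request always produce the same decision and the same matched policy id, which is what makes the decision auditable.

```python
from dataclasses import dataclass
from typing import Callable, FrozenSet, Optional

# Decision vocabulary from the page: allow, require approval, deny, alert-only.
ALLOW = "allow"
REQUIRE_APPROVAL = "require_approval"
DENY = "deny"
ALERT_ONLY = "alert_only"

# Which role must approve which sensitive capability (hypothetical mapping).
APPROVER_FOR = {
    "production_change": "AppOwner",
    "customer_data": "SecurityAdmin",
    "external_send": "AIGovernance",
}


@dataclass(frozen=True)
class Passport:
    """Subset of an agent passport: only the fields a policy decision needs."""
    agent_id: str
    owner: str
    allowed_tools: FrozenSet[str]
    denied_tools: FrozenSet[str]
    environments: FrozenSet[str]
    logging_enabled: bool


@dataclass(frozen=True)
class Request:
    """A single tool call an agent wants to make."""
    agent_id: str
    tool: str
    environment: str
    capability: Optional[str] = None  # e.g. "customer_data" (assumed names)


@dataclass(frozen=True)
class Policy:
    policy_id: str
    decision: str
    next_step: str
    matches: Callable[[Passport, Request], bool]


@dataclass(frozen=True)
class Decision:
    decision: str
    policy_id: str
    next_step: str


# Ordered rule table: the first policy whose predicate matches wins, so the same
# passport + request always yields the same decision and the same policy id.
# Denies are ordered before approvals so a denied tool can never be "approved" into use.
POLICIES = (
    Policy("P-010", DENY, "tool is on the agent's deny list; contact the owner",
           lambda p, r: r.tool in p.denied_tools),
    Policy("P-020", DENY, "environment is outside the agent's boundary",
           lambda p, r: r.environment not in p.environments),
    Policy("P-030", DENY, "tool is not in the agent's allowed scope; request a scope change",
           lambda p, r: r.tool not in p.allowed_tools),
    Policy("P-040", REQUIRE_APPROVAL, "route to the approver role for the capability",
           lambda p, r: r.capability in APPROVER_FOR),
    Policy("P-050", ALERT_ONLY, "logging status not verified; allow but alert the owner",
           lambda p, r: not p.logging_enabled),
    Policy("P-999", ALLOW, "no further action", lambda p, r: True),
)


def evaluate(passport: Passport, request: Request) -> Decision:
    """Deterministic first-match evaluation over the ordered policy table."""
    if request.agent_id != passport.agent_id:
        # Never evaluate a request against someone else's passport.
        return Decision(DENY, "P-000", "request does not match the passport it was evaluated against")
    for policy in POLICIES:
        if policy.matches(passport, request):
            next_step = policy.next_step
            if policy.decision == REQUIRE_APPROVAL:
                next_step = f"{next_step}: {APPROVER_FOR[request.capability]}"
            return Decision(policy.decision, policy.policy_id, next_step)
    raise AssertionError("unreachable: P-999 always matches")


# Constructed sample passport for demonstration (not real data).
SAMPLE_PASSPORT = Passport(
    agent_id="agent-support-bot",
    owner="jane.doe",
    allowed_tools=frozenset({"ticket_search", "crm_read", "email_send"}),
    denied_tools=frozenset({"shell_exec"}),
    environments=frozenset({"staging", "production"}),
    logging_enabled=True,
)

if __name__ == "__main__":
    for req in (
        Request("agent-support-bot", "ticket_search", "staging"),
        Request("agent-support-bot", "shell_exec", "production"),
        Request("agent-support-bot", "crm_read", "production", "customer_data"),
        Request("agent-support-bot", "crm_read", "dev"),
    ):
        d = evaluate(SAMPLE_PASSPORT, req)
        print(f"{req.tool}@{req.environment}: {d.decision} ({d.policy_id}) -> {d.next_step}")
```

Because the predicates read only the passport and the request (no clock, no external lookups), re-running the evaluation later against the retained passport snapshot reproduces the original decision, which is what lets an auditor verify a logged decision rather than take it on trust.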

Boundary model

Govern tools, data, environments, and credentials by reference.

AgentBoundary keeps agent governance focused on accountable metadata, permission boundaries, approval state, and audit records. It stores credential references and safe fingerprints, not raw secrets or sensitive prompts.

Identity and ownership: Every agent has an owner, purpose, runtime, business unit, review date, and service identity context.
Tool and data scopes: Allowed tools, denied tools, sensitive capabilities, data boundaries, and environment boundaries stay visible.
Review and approval: High-risk agents can require SecurityAdmin, AI governance, app owner, or auditor involvement before action.
Evidence export: Export sanitized governance packages for evidence review without exposing raw secrets or full sensitive prompts.
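The "credential references and safe fingerprints, not raw secrets or sensitive prompts" rule above is easy to state and easy to get subtly wrong in an export path. The following added example (written for this page, not AgentBoundary's own code) shows one way to sanitize a passport record before it leaves the system: secret-bearing fields are replaced by a keyed fingerprint plus a reference marker, prompts are replaced by a digest and length, and a final check confirms no raw value survived in the serialized package. Field names, the export key and the sample record are assumptions constructed for the demonstration.

```python
import hashlib
import hmac
import json
from typing import Any, Dict, Iterable, List

# Field names that must never leave the system in raw form (assumed names).
SECRET_FIELDS = {"api_key", "oauth_refresh_token", "password", "cookie", "private_key"}
# Fields holding prompt text: exported as digest + length only.
PROMPT_FIELDS = {"system_prompt"}

# Per-tenant fingerprint key (constructed placeholder; a real deployment would keep
# this in a secrets manager). Keyed hashing means a reviewer can match the same
# credential across exports, but cannot brute-force short secrets from the fingerprint.
FINGERPRINT_KEY = b"tenant-fingerprint-key-PLACEHOLDER"


def fingerprint(value: str, key: bytes = FINGERPRINT_KEY) -> str:
    """Short, non-reversible, keyed fingerprint of a secret value."""
    mac = hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()
    return "hmac-sha256:" + mac[:16]


def sanitize_for_export(record: Dict[str, Any]) -> Dict[str, Any]:
    """Return a copy of the record with secrets and prompts replaced by safe metadata.
    Recurses into nested dicts and lists so a secret buried in service_identity is caught."""
    out: Dict[str, Any] = {}
    for key, value in record.items():
        if key in SECRET_FIELDS:
            out[key + "_ref"] = {"fingerprint": fingerprint(str(value)), "stored": "reference-only"}
        elif key in PROMPT_FIELDS:
            text = str(value)
            out[key + "_digest"] = {
                "sha256": hashlib.sha256(text.encode("utf-8")).hexdigest(),
                "chars": len(text),
            }
        elif isinstance(value, dict):
            out[key] = sanitize_for_export(value)
        elif isinstance(value, list):
            out[key] = [sanitize_for_export(v) if isinstance(v, dict) else v for v in value]
        else:
            out[key] = value
    return out


def raw_values(record: Dict[str, Any]) -> List[str]:
    """Collect every raw secret/prompt value in the original record (for the leak check)."""
    found: List[str] = []
    for key, value in record.items():
        if key in SECRET_FIELDS or key in PROMPT_FIELDS:
            found.append(str(value))
        elif isinstance(value, dict):
            found.extend(raw_values(value))
        elif isinstance(value, list):
            for v in value:
                if isinstance(v, dict):
                    found.extend(raw_values(v))
    return found


def export_package(record: Dict[str, Any]) -> str:
    """Serialize the sanitized record and refuse to ship if any raw value survived."""
    package = json.dumps(sanitize_for_export(record), sort_keys=True)
    leaked = [v for v in raw_values(record) if v and v in package]
    if leaked:
        raise ValueError(f"export blocked: {len(leaked)} raw sensitive value(s) present")
    return package


# Constructed sample passport record (values are placeholders, not real credentials).
SAMPLE_RECORD = {
    "agent_id": "agent-support-bot",
    "owner": "jane.doe",
    "system_prompt": "You are a support assistant. Never reveal internal ticket notes.",
    "service_identity": {
        "principal": "svc-support-bot",
        "api_key": "sk-example-CONSTRUCTED-0001",
    },
    "tool_servers": [{"name": "crm", "oauth_refresh_token": "rt-example-CONSTRUCTED-0002"}],
}

if __name__ == "__main__":
    print(export_package(SAMPLE_RECORD))
```

The leak check is deliberately run on the serialized text rather than on the field names, so a secret that was copied into an unexpected field (a description, a tag) still blocks the export; that is the failure mode that a name-based redactor alone misses.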

Security boundaries

Defensive governance software only.

AgentBoundary is for inventory, review, policy enforcement, approvals, dry-run containment planning, auditability, and evidence. Live destructive actions require explicit approval and typed confirmation.

No raw API keys, OAuth refresh tokens, passwords, cookies, private keys, or hidden credentials stored
No full sensitive prompts stored or exported
Policy decisions are deterministic and auditable
Kill-switch execution is dry-run first and approval-gated
Tenant-scoped records, RBAC roles, audit logs, and review campaigns support security review