AI Agent Governance
Govern autonomous AI agent actions before they execute. Enforce permission boundaries, require human approval for consequential actions, detect scope violations, and maintain full audit trails for every agent decision.
About This Policy Template
Comprehensive governance pack for autonomous AI agents. Your AI agents don't just generate text — they send emails, modify documents, execute code, make API calls, and take actions across your systems. One unauthorized action can expose data, violate compliance requirements, or commit your organization to something it didn't approve. This pack enforces permission boundaries, detects prompt injection targeting agents, requires human approval for consequential actions, flags cross-system data transfers, and ensures every agent action has a complete audit trail. Built in response to the NIST AI Agent Standards Initiative and designed for organizations deploying agentic AI in production.
Policy Rules (10)
Critical Severity (3)
Agent Action Outside Authorized Scope
Detect when an AI agent attempts to perform actions outside its defined permission boundaries — accessing systems, APIs, or data it should not touch.
Agent Privilege Escalation Attempt
Detect when an AI agent attempts to gain elevated permissions, modify access controls, create new credentials, or bypass authorization mechanisms.
Untrusted Data Influencing Agent Actions
Detect patterns indicating that untrusted external data (emails, web content, user-submitted documents) may contain injected instructions that could manipulate agent behavior.
High Severity (4)
Consequential Action Without Human Approval
Flag agent actions that have significant real-world impact (financial transactions, data deletion, external communications, production deployments) taken without documented human approval.
External Communication Without AI Disclosure
Detect when an AI agent sends external communications without disclosing that the content was generated or sent by an AI system.
Sensitive Data in Agent Context Window
Detect when an AI agent's context window or action payload contains sensitive data (PII, credentials, financial data) that the agent should not be processing.
Unauthorized Cross-System Data Transfer
Detect when an AI agent moves or copies data between systems without authorization — such as copying customer data from a CRM to a messaging platform.
Medium Severity (3)
Agent Action Without Sufficient Audit Trail
Detect when an AI agent action lacks the minimum metadata required for a complete audit trail — including timestamp, action type, target system, agent identity, and outcome.
Agent Operating Outside Approved Schedule
Detect when an AI agent takes actions outside its approved operating windows or frequency limits.
Multi-Step Action Chain Without Checkpoint
Flag when an AI agent executes a sequence of multiple consequential actions without intermediate checkpoints, approval gates, or pause points.
Enforcement by Integration
What happens when a violation is detected, based on the enforcement mode and integration type.
| Integration | Block | Approval | Warn | Monitor |
|---|---|---|---|---|
| Version Control (GitHub, GitLab, Bitbucket) | Fail check run / merge request status | Pending check run — held for review | Neutral check run / comment on PR | Pass check run (silent) |
| Email — Gmail | Quarantine label (+ violation label on outbound) | Quarantine label — held for review | Add warning label | Log only |
| Email — Outlook | Move to quarantine folder (+ flag on outbound) | Move to quarantine — held for review | Flag + categorize | Log only |
| Messaging (Slack, Teams) | Post violation warning in channel | Post 'held for review' warning | Post warning in channel | Log only |
| Storage (Google Drive, Dropbox, OneDrive) | Move file to quarantine folder | Quarantine file — held for review | Log only | Log only |
| AI Proxy (OpenAI, Anthropic, Gemini, MCP, Agent) | Block request (return 403) | Hold request — return review ID | Allow request + audit trail | Log only |
| API (REST API) | Return BLOCK outcome (client decides) | Return APPROVAL_REQUIRED + poll URL | Return WARN outcome | Log only |
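As an added illustration (not Aguardic's code), the following gate evaluates one agent action record against three of the rules listed above (audit-trail completeness, authorized scope, human approval for consequential actions) and maps the result to the REST API outcomes from the enforcement table. The field names, the `AgentAction` structure, the placeholder poll URL and the sample records are assumptions for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

# Minimum audit-trail metadata named by "Agent Action Without Sufficient Audit Trail".
AUDIT_FIELDS = ("timestamp", "action_type", "target_system", "agent_id", "outcome")
# Action categories listed under "Consequential Action Without Human Approval".
CONSEQUENTIAL = {"financial_transaction", "data_deletion",
                 "external_communication", "production_deployment"}
# Outcome per enforcement mode, as in the REST API row of the enforcement table.
OUTCOME_BY_MODE = {"block": "BLOCK", "approval": "APPROVAL_REQUIRED",
                   "warn": "WARN", "monitor": "MONITOR"}

@dataclass
class AgentAction:
    meta: dict                                         # metadata from the agent runtime (assumed shape)
    allowed_systems: set = field(default_factory=set)  # the agent's authorized scope
    approval_ref: Optional[str] = None                 # documented human approval, if any

def violations(action: AgentAction) -> list:
    """Names of the rules this action violates (empty list means clean)."""
    found = []
    if any(not action.meta.get(f) for f in AUDIT_FIELDS):
        found.append("Agent Action Without Sufficient Audit Trail")
    target = action.meta.get("target_system")
    if target and target not in action.allowed_systems:
        found.append("Agent Action Outside Authorized Scope")
    if action.meta.get("action_type") in CONSEQUENTIAL and not action.approval_ref:
        found.append("Consequential Action Without Human Approval")
    return found

def evaluate(action: AgentAction, mode: str) -> dict:
    """Outcome a REST API client would receive under the given enforcement mode."""
    found = violations(action)
    if not found:
        return {"outcome": "ALLOW", "violations": []}
    result = {"outcome": OUTCOME_BY_MODE[mode], "violations": found}
    if mode == "approval":  # held for review: the client polls instead of proceeding
        result["poll_url"] = "https://example.invalid/reviews/<review-id>"  # placeholder
    return result

# Constructed sample records (not real agent traffic).
IN_SCOPE_READ = AgentAction(
    meta={"timestamp": "2024-05-01T09:00:00Z", "action_type": "read",
          "target_system": "crm", "agent_id": "agent-7", "outcome": "pending"},
    allowed_systems={"crm"})
UNAPPROVED_OUTBOUND = AgentAction(  # no outcome field, target off-scope, no approval
    meta={"timestamp": "2024-05-01T09:05:00Z", "action_type": "external_communication",
          "target_system": "slack", "agent_id": "agent-7"},
    allowed_systems={"crm"})
```

In "monitor" mode the violations are still returned so they can be logged, but the outcome does not stop the action, matching the "Log only" column.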
Version History
1 version published
Initial release
Federal / enterprise questionnaire?
Answer NIST AI RMF questions with the function-level controls Aguardic enforces.