-
Notifications
You must be signed in to change notification settings - Fork 1
MCP and Tool Governance
Krishna Kishor Tirupati edited this page May 11, 2026
·
1 revision
PolicyAware can govern agent tool calls before execution. This is useful for MCP-style tool protocols, internal connectors, SaaS APIs, database actions, code assistants, and workflow automation.
flowchart TD
A["Agent request"] --> B["Tool call request"]
B --> C["Tool registry"]
C --> D["Tool policy engine"]
D -->|deny| E["Block tool call"]
D -->|approval required| F["Approval workflow"]
D -->|allow| G["Execute connector action"]
E --> H["Tool audit log"]
F --> H
G --> H
id: enterprise_tool_governance
default: deny
tools:
- connector_id: github
actions:
- name: read_repo
roles: ["developer", "security_reviewer"]
- name: create_pr
roles: ["developer"]
approval_required: false
- name: delete_repo
roles: ["admin"]
approval_required: true
rules:
- name: deny_destructive_for_non_admin
effect: deny
when:
connector_id: github
action_in: ["delete_repo", "delete_branch"]
user.role_not_in: ["admin"]
- name: require_approval_for_writes
effect: require_approval
when:
action_in: ["delete_repo", "delete_branch", "write_file"]policyaware tools check examples/policies/tool-governance.yaml \
--agent code_assistant \
--connector github \
--action create_pr \
--role developerfrom policyaware.models import ToolCallRequest
from policyaware.tools import ToolPolicyEngine
engine = ToolPolicyEngine.from_file("examples/policies/tool-governance.yaml")
decision = engine.decide(
ToolCallRequest(
agent_id="code_assistant",
connector_id="github",
action="create_pr",
tenant="acme",
user={"id": "dev_1", "role": "developer"},
arguments={"repo": "acme/api", "branch": "feature/policyaware"},
)
)
print(decision.decision)
print(decision.reason_codes)
print(decision.approval_required)- Register every connector and action.
- Treat writes, deletes, external sends, payments, and production changes as high risk.
- Require approval for destructive or regulated actions.
- Log every tool call decision.
- Use rate limits and budgets for autonomous agents.
- Keep tool policies separate from prompt policies so security reviewers can reason about both clearly.
- Home
- Capabilities
- Copy-Paste Examples
- Comparison
- SEO And Distribution
- Ready-To-Use YAML
- Data Protection
- Policy Enforcement
- Gateway Orchestration
- Risk Classification
- Model Routing and Providers
- Tool Governance
- Evaluation
- Audit and Observability
- ML-Assisted Signals
- Installation
- Quick Start
- Architecture
- CLI Reference
- ML Integrations
- Provider Adapter Examples
- YAML Policy Templates