Why tool governance matters

Most agent risk comes from tool access, not text generation. Xenovia keeps tool permissions close to runtime policy decisions.

Access model

  1. Register. Attach tool metadata: owner, environment, criticality.
  2. Scope. Define allowed operations per agent.
  3. Enforce. Run checks before every tool call.
  4. Record. Persist allowed, denied, and escalated outcomes.

  • Least-privilege credentials per agent.
  • Separate permissions by environment (dev, staging, prod).
  • Approval requirement for destructive operations.
  • Periodic review of unused or high-risk grants.

Evidence requirements

Each tool interaction should retain:
  • Caller identity
  • Requested operation
  • Scope and policy comparison result
  • Final decision, timestamp, and operator involvement (if escalated)
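
The register, scope, enforce, record flow and the evidence fields above, as an added sketch. It is not Xenovia code or its API; every name here (`Tool`, `Gateway`, `authorize`, the record keys) is hypothetical, and environments are separated by registering one tool entry per environment.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass(frozen=True)
class Tool:                       # Register: owner, environment, criticality
    name: str
    owner: str
    environment: str              # dev | staging | prod
    criticality: str              # e.g. low | high
    destructive_ops: frozenset = frozenset()

@dataclass
class Gateway:                    # hypothetical in-process policy gate
    tools: dict = field(default_factory=dict)      # tool name -> Tool
    scopes: dict = field(default_factory=dict)     # (agent, tool name) -> allowed ops
    audit_log: list = field(default_factory=list)  # evidence records

    def register(self, tool):
        self.tools[tool.name] = tool

    def grant(self, agent, tool_name, operations):  # Scope: per agent, per tool
        self.scopes[(agent, tool_name)] = frozenset(operations)

    def authorize(self, agent, tool_name, operation, approver=None):
        """Enforce before the call: returns 'allowed', 'denied' or 'escalated'."""
        tool = self.tools.get(tool_name)
        allowed_ops = self.scopes.get((agent, tool_name), frozenset())
        in_scope = tool is not None and operation in allowed_ops
        if not in_scope:
            decision = "denied"       # default deny: unregistered tool or no grant
        elif operation in tool.destructive_ops and approver is None:
            decision = "escalated"    # destructive operation waits for approval
        else:
            decision = "allowed"
        self.audit_log.append({       # Record: one entry per decision
            "caller": agent,
            "tool": tool_name,
            "operation": operation,
            "environment": tool.environment if tool else None,
            "granted_scope": sorted(allowed_ops),
            "in_scope": in_scope,
            "decision": decision,
            "operator": approver,
            "timestamp": datetime.now(timezone.utc).isoformat(),
        })
        return decision
```

A grant on a dev tool entry confers nothing on the prod entry, and a denied or escalated request is logged with the same fields as an allowed one.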