User Request → AI Agent → MCP Server → Tool Execution → Resource
Guardrail Layers
1. Organizational: Policies, RBAC, Approval Flows, Audit Logs
2. Agent: Intent Analysis, Prompt Filtering, Scope Limits
3. Tool: Input Validation, Sanitization, Rate Limiting
4. Protocol: Authentication, Encryption, Schema Validation
Organizational Layer
Purpose
Establishes governance policies, access controls, and approval workflows before requests reach technical systems.
Key Controls
- Role-based access control (RBAC)
- Data classification policies
- Approval workflows for sensitive ops
- Comprehensive audit logging
Example: Blocked Request
BLOCKED
User "intern" attempted to access production database without approval
→ Requires manager approval
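The blocked request above can be reproduced with a small policy gate that combines the four organizational controls. This is an added example, not code from the page or from any MCP product; the role names, resource names, classification labels, the manager "dana" and the OrgPolicyGate class are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional

# Every name and value here is constructed for illustration.
ROLE_PERMISSIONS = {  # RBAC: role -> permitted (action, classification) pairs
    "intern": {("read", "internal"), ("read", "restricted")},
    "engineer": {("read", "internal"), ("write", "internal"), ("read", "restricted")},
}
CLASSIFICATION = {"staging-db": "internal", "production-db": "restricted"}
NEEDS_APPROVAL = {"restricted"}  # classifications treated as sensitive
MANAGERS = {"dana"}              # users allowed to approve sensitive requests


@dataclass
class Request:
    user: str
    role: str
    action: str
    resource: str
    approved_by: Optional[str] = None


@dataclass
class OrgPolicyGate:
    audit_log: list = field(default_factory=list)

    def evaluate(self, req: Request) -> str:
        # Unclassified resources get the strictest label (fail closed).
        label = CLASSIFICATION.get(req.resource, "restricted")
        permitted = (req.action, label) in ROLE_PERMISSIONS.get(req.role, set())
        # An approval counts only if it comes from a manager other than the requester.
        approved = req.approved_by in MANAGERS and req.approved_by != req.user
        if not permitted:
            decision = "BLOCKED: role not permitted"
        elif label in NEEDS_APPROVAL and not approved:
            decision = "BLOCKED: requires manager approval"
        else:
            decision = "ALLOWED"
        # Allowed and blocked decisions are both recorded.
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "user": req.user, "action": req.action,
            "resource": req.resource, "decision": decision,
        })
        return decision
```

The gate runs before the request reaches the agent or any tool, so a blocked request leaves an audit entry but never touches the resource.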