Give agents tools.
Keep humans in control.
MCP + A2A protocol support with infrastructure-level governance.
HITL gates, tool allowlists, session budgets, delegation policies. Because autonomous doesn't mean uncontrolled.
The agent safety problem
Agents need tools. But tools without guardrails are a liability.
Agents with no guardrails
Autonomous agents calling tools with no allowlists, no budget limits. One bad loop and your agent books 50 appointments.
No audit trail
Compliance asks "what did the agent do?" and you have logs scattered across 5 services.
Cross-agent chaos
Agent A delegates to Agent B, which delegates back to Agent A. No loop detection. No spending limits on delegation chains.
How gatez solves it
Agent governance enforced at the gateway layer.
HITL approval gates
Configurable per-tool. High-risk operations pause for human approval. Pending queue in the UI. One click to approve or deny.
Tool allowlists
Deny by default. Per-session. Tenant-scoped. CEL expression engine for fine-grained policies. Agents only call what you explicitly allow.
Session budgets
Per-session token limits. Budget check before every tool call. Max tool calls per session (default: 20). No overruns.
A2A delegation policies
Cross-tenant block. Chain depth limits (max 5). Loop detection. Spending policy inheritance. Agent can't delegate back to its caller.
Tool poisoning protection
Server fingerprinting. Naming collision detection (409 on conflict). Registry verification before allowing any tool call.
Audit trail
Every tool call, A2A hop, and session event logged to ClickHouse with tenant_id. Full trace from L1 → L2 → L3. CSV export for compliance.
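The controls listed above, sketched as an added example that is not gatez's own code: a deny-by-default tool gate with a per-session call budget and HITL pause, plus a delegation check for cross-tenant hops, loops and chain depth. All names (`Session`, `check_tool_call`, `check_delegation`) are hypothetical, and treating "max 5" as five agents per chain is an assumption.

```python
from dataclasses import dataclass, field

MAX_TOOL_CALLS = 20   # page: default max tool calls per session
MAX_CHAIN_DEPTH = 5   # page: chain depth limit (assumed to count agents in the chain)

@dataclass
class Session:
    tenant_id: str
    allowlist: frozenset                   # tools explicitly allowed for this session
    hitl_tools: frozenset = frozenset()    # tools that pause for human approval
    calls: int = 0
    audit: list = field(default_factory=list)

def check_tool_call(session, tool):
    """Return 'allow', 'pending_approval' or 'deny:<reason>'; always audit."""
    if tool not in session.allowlist:          # deny by default
        decision = "deny:not_allowlisted"
    elif session.calls >= MAX_TOOL_CALLS:      # budget check before every call
        decision = "deny:budget_exhausted"
    elif tool in session.hitl_tools:           # high-risk: wait for a human
        decision = "pending_approval"
    else:
        decision = "allow"
    if not decision.startswith("deny"):
        session.calls += 1   # assumption: pending calls also consume budget
    session.audit.append((session.tenant_id, tool, decision))
    return decision

def check_delegation(chain, target):
    """chain: (tenant_id, agent_id) hops so far, caller last; target: next hop."""
    if target[0] != chain[-1][0]:
        return "deny:cross_tenant"
    if target in chain:                        # covers delegating back to the caller
        return "deny:loop"
    if len(chain) >= MAX_CHAIN_DEPTH:
        return "deny:chain_too_deep"
    return "allow"
```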
Real-world example
How MedSync Health governs clinical agents with MCP tools.
MedSync Health — Clinical triage agent
MedSync's clinical triage agent uses 3 MCP tools with strict governance.
ehr-read-only: read patient records (no write, auto-approved)
lab-results: fetch lab results by patient ID (auto-approved)
scheduling: check/book appointment slots (requires nurse approval via HITL)
Every tool call has a full audit trail. Read operations auto-approve. Scheduling requires nurse approval (HITL gate).
90-day audit results
Every scheduling action human-approved. All patient data stayed on-prem (Ollama). HIPAA audit passed. No cross-tenant data leakage.
Deploy autonomous agents with confidence
MCP + A2A protocols with infrastructure-level governance. HITL gates. Tool allowlists. Full audit trail.
Free forever. Apache 2.0 license. No credit card required.