Security
Secure agent tool deployment
Agent tools are production integration surfaces. A secure deployment keeps public read tools separate from private actions, protects credentials, blocks unsafe networks, and records evidence for every runtime call.
Implementation
Path to ship.
Guide
Security baseline
Public tools should be read-safe and reviewed. Private tools should require Astrail API keys and provider credentials. Destructive operations should require explicit policy, confirmation, or a narrower endpoint.
Never treat a model prompt as a security boundary. The runtime must enforce auth, permissions, network policy, request bounds, response bounds, and credential redaction.
Guide
Evidence over trust
A secure tool call should explain whether it executed, why it was denied, which runtime mode handled it, and where to find the trace. This evidence lets teams debug without exposing secrets.
Astrail returns structured states such as auth_required, permission_denied, mapping_required, and validation_failed so agent clients do not have to guess what happened.
FAQ
Common questions.
Can runtime permissions replace provider scopes?
No. Runtime permissions are operational guardrails. Provider OAuth scopes and API keys should still be least-privilege.
What is the safest launch posture?
Launch with reviewed read tools, bearer auth for private endpoints, redacted logs, bounded calls, and explicit denial states.