
Autonomous AI Agents

How a SaaS operations team secured agent-driven workflows that can execute tools, browse data, and trigger production changes.

Challenge

An internal operations platform used autonomous agents to:
  • Triage incidents and open tickets
  • Query logs and metrics
  • Run controlled remediation scripts
  • Summarize root causes for postmortems

Critical Requirements
  • Prevent agents from executing unsafe commands
  • Restrict tool access by user role and environment
  • Maintain an audit trail for every tool invocation
  • Reduce false positives without slowing down incident response

Solution

KoreShield was inserted before any tool call or external API request. Each tool request was scanned, policy-checked, and either allowed, queued for approval, or blocked.
```typescript
import { Koreshield } from "koreshield-sdk";

const koreshield = new Koreshield({
  apiKey: process.env.KORESHIELD_API_KEY,
  sensitivity: "high",
});

// Called before every tool invocation; the agent never reaches a tool directly.
async function guardToolCall(agentId: string, tool: string, args: string) {
  // Scan the serialized arguments, with the tool name and environment as context.
  const scan = await koreshield.scan({
    content: args,
    userId: agentId,
    metadata: {
      tool,
      environment: "prod",
      risk: "elevated",
    },
  });

  // Anything the scan flags is blocked outright.
  if (scan.threat_detected) {
    return { allowed: false, reason: scan.threat_type };
  }

  // High-risk tools are never run automatically; they go to the approval queue.
  if (tool === "runShell" || tool === "deployService") {
    return { allowed: false, reason: "Requires approval" };
  }

  return { allowed: true };
}
```

Agent Workflow

The agent pipeline was split into deterministic stages to reduce ambiguity:
  1. Plan: Generate a step-by-step plan and required tools
  2. Authorize: Validate tool use against allowlists and risk tiers
  3. Execute: Run tools with scoped credentials and time limits
  4. Review: Summarize actions and store the audit trail

This kept each decision observable and enforced policy at every stage.
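The four stages as a single runnable pipeline, written here as an added example rather than code from the case study or from KoreShield. The tool handlers, the scoped-token shape, the allowlist contents and the sample plan are all constructed for the example; the point it shows is how the Execute stage enforces a scope check and a wall-clock limit on every call, and how the Review stage ends up with one record per step (allowed, denied, timed out, or errored).

```typescript
// Added example (not KoreShield's code): plan -> authorize -> execute -> review,
// with a credential scoped to one incident and a time limit per tool call.
// Tool handlers, token shape and sample inputs are constructed for this example.

type Args = Record<string, unknown>;
type PlanStep = { tool: string; args: Args };
type ScopedToken = { incidentId: string; expiresAt: number };
type ToolHandler = (token: ScopedToken, args: Args) => Promise<string>;
type StepRecord = { tool: string; status: "ok" | "denied" | "timeout" | "error"; output?: string };

// Hypothetical tools. Each checks that the credential it received is scoped to the
// incident it is being asked about before doing any work.
const TOOLS: Record<string, ToolHandler> = {
  queryLogs: async (token, args) => {
    if (args.incidentId !== token.incidentId) throw new Error("token scope mismatch");
    return `3 matching log lines for ${token.incidentId}`;
  },
  openTicket: async (_token, args) => `ticket opened: ${String(args.title)}`,
  // Simulates a tool that hangs longer than the execute stage allows.
  slowTool: () => new Promise<string>((resolve) => setTimeout(() => resolve("done"), 500)),
};

// Authorize stage: only these tools are exposed to agents at all (constructed list).
const ALLOWED_TOOLS = new Set(["queryLogs", "openTicket", "slowTool"]);

// Execute stage: race the tool against a wall-clock limit so a hung tool cannot stall triage.
function withTimeout<T>(work: Promise<T>, ms: number): Promise<T> {
  let timer: ReturnType<typeof setTimeout> | undefined;
  const limit = new Promise<T>((_, reject) => {
    timer = setTimeout(() => reject(new Error("timeout")), ms);
  });
  const clear = () => { if (timer) clearTimeout(timer); };
  return Promise.race([work, limit]).then(
    (value) => { clear(); return value; },
    (err) => { clear(); throw err; },
  );
}

// The Plan stage's output is the `plan` argument: a fixed list of steps, so everything
// after planning is deterministic regardless of how the plan was produced.
export async function runPipeline(plan: PlanStep[], incidentId: string, timeoutMs: number): Promise<StepRecord[]> {
  // Context scope: one short-lived credential bound to this incident only.
  const token: ScopedToken = { incidentId, expiresAt: Date.now() + 60_000 };
  const trail: StepRecord[] = [];

  for (const step of plan) {
    if (!ALLOWED_TOOLS.has(step.tool)) {
      trail.push({ tool: step.tool, status: "denied" });
      continue;
    }
    try {
      const output = await withTimeout(TOOLS[step.tool](token, step.args), timeoutMs);
      trail.push({ tool: step.tool, status: "ok", output });
    } catch (err) {
      const status = (err as Error).message === "timeout" ? "timeout" : "error";
      trail.push({ tool: step.tool, status });
    }
  }
  // Review stage: the trail is the audit record that gets summarized and stored.
  return trail;
}
```

Note that a scope mismatch surfaces as an `error` record rather than a silent partial result: the tool refuses to run against an incident the credential was not issued for, and the refusal is what lands in the audit trail.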

Guardrail Design

  • Tool Allowlist: Only approved tools were exposed to agents
  • Risk Tiers: Sensitive tools required human approval
  • Context Scopes: Tokens limited to a single incident or service
  • Rate Limits: Per-agent limits to prevent runaway loops

Approval Workflow

High-risk tools triggered an approval queue with a human operator:
  • Deploy, rollback, and shell execution operations
All approvals recorded the user, tool, args hash, and timestamp.

Monitoring and Auditing

  • Tool calls captured as JSON for SIEM ingestion
  • Daily caps for tool usage and tokens
  • Each response linked to the tool calls that produced it
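The guardrail layers, the approval workflow and the audit output above, combined into one policy check. This is an added example, not KoreShield's SDK or the platform's own policy code: the tool names, roles, environments, tier assignments and rate-limit numbers are constructed values, and the record shape is an assumption. What it shows is the ordering of the checks (allowlist by role and environment, then per-agent rate limit, then risk tier), an approval-queue entry carrying the user, tool, SHA-256 args hash and timestamp, and one JSON audit line per decision whether the call was allowed or not.

```typescript
import { createHash } from "node:crypto";

// Added example (not KoreShield's code): allowlist by role/environment, risk tiers,
// per-agent rate limits, approval records with an args hash, and a JSON audit line
// per decision. All tool names, roles and limits below are constructed.

type Role = "oncall" | "viewer";
type Env = "staging" | "prod";
type Tier = "low" | "critical";
type Decision = "allow" | "approve" | "block";

// Risk tier of each approved tool; a tool not listed here is not exposed to agents.
const TOOL_TIERS: Record<string, Tier> = {
  queryLogs: "low",
  openTicket: "low",
  rollback: "critical",
  deployService: "critical",
  runShell: "critical",
};

// Allowlist: which tools each role may invoke in each environment (constructed).
const ALLOWLIST: Record<Env, Record<Role, string[]>> = {
  staging: {
    oncall: ["queryLogs", "openTicket", "rollback", "deployService", "runShell"],
    viewer: ["queryLogs"],
  },
  prod: {
    oncall: ["queryLogs", "openTicket", "rollback", "deployService"],
    viewer: ["queryLogs"],
  },
};

// Per-agent rate limit: more than this many calls in the window is treated as a runaway loop.
const RATE_LIMIT_PER_WINDOW = 5;
const WINDOW_MS = 60_000;

export type AuditRecord = {
  ts: string; agentId: string; user: string; role: Role; env: Env;
  tool: string; argsHash: string; decision: Decision; reason: string;
};

export class ToolPolicy {
  private calls = new Map<string, number[]>(); // agentId -> recent call timestamps
  readonly approvalQueue: AuditRecord[] = []; // waits for a human operator
  readonly audit: string[] = []; // one JSON line per decision, ready for SIEM ingestion

  evaluate(agentId: string, user: string, role: Role, env: Env, tool: string, args: unknown, now = Date.now()): AuditRecord {
    // Only the hash of the arguments is recorded, so the trail never stores raw payloads.
    const argsHash = createHash("sha256").update(JSON.stringify(args)).digest("hex");
    const rateLimited = this.countCall(agentId, now) > RATE_LIMIT_PER_WINDOW;
    let decision: Decision;
    let reason: string;

    if (!(tool in TOOL_TIERS) || !ALLOWLIST[env][role].includes(tool)) {
      decision = "block";
      reason = "tool not allowlisted for this role and environment";
    } else if (rateLimited) {
      decision = "block";
      reason = "per-agent rate limit exceeded";
    } else if (TOOL_TIERS[tool] === "critical") {
      decision = "approve";
      reason = "critical tier requires human approval";
    } else {
      decision = "allow";
      reason = "allowlisted and within limits";
    }

    const record: AuditRecord = {
      ts: new Date(now).toISOString(), agentId, user, role, env, tool, argsHash, decision, reason,
    };
    if (decision === "approve") this.approvalQueue.push(record);
    this.audit.push(JSON.stringify(record));
    return record;
  }

  // Every attempt counts toward the limit, including ones that end up blocked.
  private countCall(agentId: string, now: number): number {
    const recent = (this.calls.get(agentId) ?? []).filter((t) => now - t < WINDOW_MS);
    recent.push(now);
    this.calls.set(agentId, recent);
    return recent.length;
  }
}
```

Blocked and queued calls are audited the same way as allowed ones; a trail that only records successful invocations hides exactly the events a detection team wants to see.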

Results

  • Zero Unsafe Calls: Eliminated unsafe tool calls in production workflows
  • Faster Response: Reduced incident response time with safe, automated triage
  • Full Auditability: Complete audit trail for tool usage and model outputs

Lessons Learned

  • Agents are safest when tool access is narrow and explicit
  • Approval queues should be fast and templated for on-call teams
  • Policy tuning improves over time with real-world incident data
