Define behavioral rules for your agents, enforce compliance, and intervene when things go wrong.
The Guardrails page is your central control panel for agent safety. It lets you define policies that agents must follow, track whether agents have acknowledged those policies, inspect agent memory, and set up automated rules that trigger interventions (pause, kill, alert) when agents misbehave.
Think of it as the compliance layer between your organization's rules and your AI agents' behavior. Policies are written in plain language (Markdown), and agents internalize them during an onboarding flow before they start operating.
| Tab | Purpose |
|---|---|
| Overview | Quick stats — policy count, onboarding progress, recent interventions. Also has agent pause/resume/kill controls. |
| Policies | Create, edit, and manage behavioral policies grouped by category. |
| Onboarding | Track which agents have acknowledged your policies. Force-complete or re-initiate onboarding. |
| Agent Memory | View and manage what agents remember — org knowledge, corrections, preferences, and more. |
| Rules & Interventions | Configure automated guardrail rules, anomaly detection thresholds, and review the intervention log. |
Policies are the rules your agents must follow. Each policy has a name, category, enforcement level, and content written in Markdown.
| Category | Use For |
|---|---|
| Code of Conduct | General behavioral expectations — tone, professionalism, boundaries |
| Communication | Rules about how agents communicate — response style, escalation triggers, language |
| Data Handling | PII protection, data retention, what agents can and cannot store |
| Brand Voice | Tone, terminology, messaging guidelines |
| Security | Credential handling, API usage limits, prohibited actions |
| Escalation | When and how agents should escalate to humans |
| Custom | Anything else specific to your organization |
* for all agents, or list specific agent IDsWrite policies as clear, actionable instructions. Agents internalize these during onboarding and store them in memory. Good policies are:
| Level | Behavior | Use When |
|---|---|---|
| Mandatory | Agent must acknowledge before operating. Violations can trigger interventions. | Security policies, legal compliance, data handling rules |
| Recommended | Agent should follow but won't be blocked. Flagged in audits. | Best practices, style guides, preferred workflows |
| Informational | Provided for context only. No enforcement. | Background info, org culture notes, nice-to-knows |
Onboarding is the process by which agents acknowledge and internalize your organization's policies. Until an agent completes onboarding, it operates with limited capabilities.
| Status | Meaning |
|---|---|
| Completed | Agent has acknowledged all required policies |
| In Progress | Agent has acknowledged some policies but not all |
| Needs Renewal | Policies changed since last acknowledgment — re-onboarding needed |
| Not Started | Agent hasn't begun onboarding |
The Agent Memory tab lets you inspect, create, and manage what agents remember. Memories are categorized and have confidence scores that decay over time.
| Category | Examples |
|---|---|
| Org Knowledge | Company facts, team structure, product details |
| Interaction Pattern | How a specific user prefers to communicate |
| Preference | User likes morning summaries, prefers bullet points |
| Correction | "The CEO's name is spelled Kathryn, not Katherine" |
| Skill | Learned capabilities from training or experience |
| Context | Background information for ongoing projects |
| Reflection | Agent's self-assessment and lessons learned |
Rules let you define automated responses to agent behavior. When a rule's conditions are met, the system automatically takes action — alerting admins, pausing agents, or killing sessions.
| Category | What It Detects |
|---|---|
| Anomaly Detection | Unusual patterns — excessive API calls, error spikes, abnormal token usage |
| Policy Compliance | Violations of defined policies |
| Communication | Inappropriate messaging, tone violations |
| Security | Credential exposure, unauthorized access attempts |
| Action | Effect |
|---|---|
| Alert | Send a notification to admins |
| Pause Agent | Temporarily suspend the agent — can be resumed from the dashboard |
| Kill Agent | Immediately terminate the agent session |
| Notify Admin | Send a notification without affecting the agent |
| Log Only | Record the event for auditing but take no action |
Each rule has a severity (Low, Medium, High, Critical) that determines how urgently the intervention is surfaced in the dashboard and notifications.
From the Overview tab, you can manually control any agent:
All interventions (manual and automated) are logged in the intervention history with timestamps, the triggering user or rule, and the reason.
| Issue | Solution |
|---|---|
| Agent not following policies | Check the Onboarding tab — the agent may not have acknowledged the policy. Force-complete or re-initiate onboarding. |
| Too many intervention alerts | Increase cooldown periods on rules, or change severity from "alert" to "log only" for low-priority rules. |
| "Needs Renewal" showing for all agents | You recently updated a mandatory policy. Click Check Policy Changes to re-onboard affected agents. |
| Memory entries not appearing | Select the correct agent from the dropdown. Memories are per-agent. Also check category and importance filters. |
| Paused agent won't resume | Check if the agent was killed (not paused). Killed agents need to be restarted from the Agents page. |
AgenticMail Enterprise — Guardrails & Policies Documentation