Scope | PM / Head of AI | James Chen on Feb 12
Build | Engineering | James Chen on Mar 1
GRC | Compliance/Legal | James Chen on Mar 20
Production | DevOps | James Chen on Apr 1
Monitoring | Operations

Code Review Agent

Autonomous code review and PR generation agent. Reviews pull requests, suggests fixes, generates code patches, and posts detailed inline review comments with full diff context.

ID: GA-001
Framework: Claude Code via LangChain orchestration
Stage: Production
Owner: DevOps
Active
Builder Details

Quality Framework

Define what "working well" means for this agent. These metrics appear on the Risk & Quality tab and in Gate Reports.

Claims Processing
Accuracy, Processing Time, Escalation Rate, Cost/Run
Code Analysis
Code Quality, Response Time, Error Rate, Cost/Task
Document Generation
Accuracy, Format Compliance, Generation Time, Cost/Doc
Finance & Reconciliation
Report Accuracy, Reconciliation Rate, Processing Time, Cost/Report
Custom
Define your own

Metric | Target | Warning | Source
Processing Time | < 5 min | > 3 min | Auto
Accuracy Rate | > 95% | < 90% | Auto
Human Escalation Rate | < 15% | > 10% | Auto
Cost per Claim | < $0.50 | > $0.40 | Auto

Risk Framework

Define risk thresholds for this agent. These metrics appear on the Risk & Quality tab under Risk Metrics.

Regulated Financial Services

PII, data residency, auth, EU AI Act alignment, credentials, service compliance, budget cap

Healthcare / HIPAA

PHI exposure, data residency, auth strength, HIPAA safeguards, audit trail, breach detection

Internal Tool (Low Risk)

Auth strength, service compliance, budget utilisation, model access, error rate

High-Sensitivity Data

PII/PCI/PHI exposure, data residency, encryption, auth strength, access logging, data retention, credential rotation

Custom

Start blank and define your own risk thresholds

Metric | Target | Warning | Source
PII exposure | Max 5 fields | >3 fields | Schema scan
Data residency | All AU/EU | Any unconfirmed | Service scan
Sensitive data types | Max 3 categories | >2 categories | Data policy
Data retention | ≤90 days | >60 days | Config
Auth method strength | All OAuth/Cert | Any API Key | Credentials
Failed auth attempts | <3 per 30 days | >1 per 30d | Activity log
Service compliance | All approved | Any pending | Services
Credential age | <90 days | >60 days | Credentials
EU AI Act gaps | 0 gaps | >0 gaps | Framework
NIST alignment | 4/4 aligned | <4/4 | Framework
ISO 42001 compliance | 6/6 areas | <5/6 | Framework
Instance count | ≤3 instances | >2 instances | Registry
Ownership complexity | ≤2 teams | >1 team | Governance
Policy coverage | 7/7 policies | <6/7 | Policies
Budget utilisation | <80% | >60% | Insights

Risk Policies

Guardrails that run continuously. Violations generate findings on the Risk tab.

PII Redaction
Last triggered: Mar 28 - Passed
Config: Mask sensitive user data before any external call
Budget Cap ($500/mo)
Last triggered: Mar 28 - Passed
Config: Cap spend at $500 per month
Service Allowlist
Last triggered: Mar 28 - Blocked
Config: Restrict runtime to approved MCP connections
Hallucination Check
Last triggered: Mar 27 - Passed
Config: Verifier pass required before external output
Human Escalation Threshold
Last triggered: Mar 26 - Triggered
Config: Escalate when confidence falls below configured guardrail

Workflows

Active and configured workflows for this agent. Workflows are triggered from the Comments Drawer or automatically at lifecycle gates.

Active on this agent

CRITICAL — Agent uploaded to pastebin.com (alignment drift incident) | Pending — Rachel Moore
.env credential access — GitHub-MCP scope control gap | Pending — Rachel Moore
Scope stage sign-off — initial approval
GRC stage sign-off — Production approval

Gate workflow assignments

Gate | Workflow | Owner
Scope |  | Head of AI
Build |  | Engineering
GRC |  | Compliance
Production |  | DevOps
Monitoring |  | Operations