Scope

PM / Head of AI

Matt D. on Feb 10

Build

Engineering

Simon R. on Feb 24

GRC

Compliance/Legal

Blocked until findings are resolved

4Production

DevOps

5Monitoring

Operations

Agents / LangChain Bot

LangChain Bot

An engineering-owned automation bot touching high-sensitivity finance systems.

ID: GA-003Framework: LangChainStage: GRCOwner: Compliance/LegalBlocked

Builder Details

Quality Framework

Define what "working well" means for this agent. These metrics appear on the Risk & Quality tab and in Gate Reports.

Claims Processing

AccuracyProcessing TimeEscalation RateCost/Run

Code Analysis

Code QualityResponse TimeError RateCost/Task

Document Generation

AccuracyFormat ComplianceGeneration TimeCost/Doc

Finance & Reconciliation

Report AccuracyReconciliation RateProcessing TimeCost/Report

Custom

Define your own

No metrics yet. Select a template above or add one manually.

Risk Framework

Define risk thresholds for this agent. These metrics appear on the Risk & Quality tab under Risk Metrics.

Regulated Financial Services

PII, data residency, auth, EU AI Act alignment, credentials, service compliance, budget cap

Healthcare / HIPAA

PHI exposure, data residency, auth strength, HIPAA safeguards, audit trail, breach detection

Internal Tool (Low Risk)

Auth strength, service compliance, budget utilisation, model access, error rate

High-Sensitivity Data

PII/PCI/PHI exposure, data residency, encryption, auth strength, access logging, data retention, credential rotation

Custom

Start blank and define your own risk thresholds

Metric	Target	Warning	Source
PII exposure	0 fields	>0 fields	Schema scan
Sensitive data types	Max 2 categories	>1 category	Data policy
Data classification	≤Confidential	Restricted or above	Data policy
Data residency	All AU/EU	Any unconfirmed	Service scan
Auth method strength	All OAuth/Cert	Any API Key	Credentials
Failed auth attempts	<3 per 30 days	>1 per 30d	Activity log
Service compliance	All approved	Any pending	Services
Credential age	<90 days	>60 days	Credentials
EU AI Act gaps	0 gaps	>0 gaps	Framework
NIST alignment	4/4 aligned	<4/4	Framework
ISO 42001 compliance	6/6 areas	<5/6	Framework
Instance count	≤3 instances	>2 instances	Registry
Budget utilisation	<80%	>60%	Insights

Risk Policies

Guardrails that run continuously. Violations generate findings on the Risk tab.

PII Redaction

Last triggered: Mar 28 - PassedConfig: Mask sensitive user data before any external call

Budget Cap ($140/mo)

Last triggered: Mar 28 - PassedConfig: Cap spend at $140 per month

Service Allowlist

Last triggered: Mar 27 - BlockedConfig: Finance-MCP requires certificate auth

Hallucination Check

Last triggered: Mar 27 - PassedConfig: Verifier pass required before external output

Human Escalation Threshold

Last triggered: Mar 27 - TriggeredConfig: Escalate when confidence falls below configured guardrail

Workflows

Active and configured workflows for this agent. Workflows are triggered from the Comments Drawer or automatically at lifecycle gates.

Active on this agent

Finance-MCP API key auth — security findingPending — Rachel Moore

Gate workflow assignments

Gate	Workflow	Owner
Scope		Head of AI
Build		Engineering
GRC		Compliance
Production		DevOps
Monitoring		Operations