EU Data Boundary
Tenant isolation, EU region pinning, and model-routing controls for sovereignty-sensitive deployments.
Human Approval Gates
High-risk workflows cannot execute until approvers sign off with a full audit chain.
Audit-First Runtime
Every run, decision, and action is logged for InfoSec review and regulator readiness.
v0 Security Controls
- SSO/OIDC support with optional password fallback for local demo mode
- RBAC roles:
viewer,operator,approver,admin - Policy pre-check for injection signal and risk classification
- Approval-before-execution for privileged workflows
- Append-only audit event stream per tenant