Blog SECURITY
openleash/what-cisos-ask-about-agent-guardrails

What CISOs ask us about agent guardrails

The eight questions that come up in every security review, and the honest answers — including the ones we don't love.

Security teams need one policy, approval, and audit layer across a messy, growing agent ecosystem.

1Risky command
2Reason + context
3Human decision
4Evidence
Interrupt rarely, explain clearly, record the decision.
CISOgovernanceaudit

The short version

Agent guardrails matters because agents are no longer just suggesting changes. They read files, call tools, run commands, and move context between systems.

OpenLeash keeps that power visible. Every plugin can inspect an event, make a decision, and leave an audit trail that humans can understand later.

What OpenLeash watches

Prompts, tool calls, sessions, skills, logs, and startup inventory all flow through the same event model. Plugins can block, mask, rewrite, compress, export, or simply observe.

That keeps the workflow fast when the agent is safe and explicit when the blast radius changes.