Skip to main content
Private BetaContact us to get set up.
Some deployments need more than tool access—they need controls. Who can use which tools, from where, under what conditions. What gets inspected. What requires approval. What gets logged. Governance applies uniformly across everything in Char: embedded agents, remote MCP servers, the browser extension, autonomous execution. One policy layer, enforced everywhere.

The governance stack

Every tool call flows through multiple layers: Access control determines if the request is allowed at all—is this connector enabled, does this user have the right role, is this origin permitted. Guardrails inspect the content—is there PII in the arguments, does this look like prompt injection, does it violate org policies. Approval checks the risk classification—read-only operations auto-approve, destructive operations require explicit sign-off. Audit logs everything—who did what, when, with what arguments, what the result was.

What’s in this section

Access Control

Connector registry, role entitlements, origin constraints

Guardrails

Content inspection and policy enforcement

Approvals

Risk classification and approval workflows

Audit

Logging, compliance, and SIEM integration