
Guardrails & Safety

Squad is designed for high-stakes sectors where AI actions need oversight. Guardrails are layered throughout the system: from query classification to tool execution to response delivery.

Defence in Depth

Security isn’t a single checkpoint; it’s woven into every stage of the processing pipeline:

| Layer | What It Does |
| --- | --- |
| Risk-Aware Routing | High-risk queries without a strong similarity match to a proven template are declined automatically |
| Security Review | Deterministic detection of dangerous operations, applied to every generated query regardless of user role |
| Role-Based Access Control | Permission checks before every tool call; write operations require admin privileges |
| Quality Review | Detects empty results, low scores, missing entities, and tool errors before a response is delivered |
| Human-in-the-Loop | Manual approval and rejection of queries and workflows before they become reusable templates |
| Authentication | All API endpoints require authentication unless explicitly whitelisted |
| Audit Trail | Every interaction is logged with a correlation ID for full traceability |

Risk-Aware Routing

Users or administrators can assign a risk level to queries. The risk level decides what Squad does when it cannot confidently map a query to an already-approved template:

| Risk Level | Similarity Match | Action |
| --- | --- | --- |
| Low/Medium | Any | Proceed normally |
| High | Strong match | Use approved template |
| High | No strong match | Decline: no execution |

Security Review

The reviewer performs deterministic security checks on every generated query. Dangerous patterns are blocked regardless of user role. Because the checks are rule-based rather than LLM-based, they cannot be talked around by prompt injection or by rephrasing the request, and no role exempts a query from them.

Role-Based Access Control

Squad enforces granular permissions at two levels:

API-Level Permissions

Each endpoint declares its required permissions. Standard users can execute queries and view results; elevated roles can manage the knowledge base, approve queries, and access administrative functions.

Tool-Level Access

Tools have risk-based access controls. Read-only tools are available to all authenticated users. Write operations require administrator privileges.
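The three automated layers described above (risk-aware routing, the deterministic security review, and tool-level RBAC) compose into one pipeline in which the first refusal wins and later layers never see the query. The following is an added illustration in Python and is not Squad's own code: the 0.85 similarity threshold, the `admin` role name, the `DANGEROUS_PATTERNS` deny-list, the SQL-shaped queries and the approved template are all constructed assumptions, and `difflib` stands in for whatever similarity measure the product actually uses.

```python
import re
from dataclasses import dataclass
from difflib import SequenceMatcher
from typing import Optional

# Assumed values: the page names none of these concretely.
ADMIN_ROLES = {"admin"}          # roles allowed to run write tools
STRONG_MATCH = 0.85              # similarity needed to reuse an approved template

# Assumed deterministic deny-list for the security review. Plain regexes, no LLM:
# a prompt cannot argue with them, and they run for every role.
DANGEROUS_PATTERNS = [
    re.compile(r"\bdrop\s+(table|database)\b", re.I),
    re.compile(r"\btruncate\s+table\b", re.I),
    re.compile(r"\bdelete\s+from\b(?![^;]*\bwhere\b)", re.I),   # DELETE without WHERE
    re.compile(r";\s*--", re.I),                                 # stacked statement + comment
]
WRITE_VERBS = re.compile(r"^\s*(insert|update|delete|alter|create|drop|truncate)\b", re.I)


@dataclass
class Decision:
    allowed: bool
    layer: str                      # which layer made the decision
    reason: str
    query: Optional[str] = None     # query text that may proceed (None when refused)


def similarity(a: str, b: str) -> float:
    """Stand-in similarity score in [0, 1]; the product's real metric is not on the page."""
    return SequenceMatcher(None, a.lower(), b.lower()).ratio()


def route(query: str, risk: str, approved_templates: list) -> Decision:
    """Risk-aware routing: high-risk queries run only through a strongly matching template."""
    if risk != "high":
        return Decision(True, "routing", f"{risk} risk: proceed normally", query)
    best_score, best_tpl = 0.0, None
    for tpl in approved_templates:
        score = similarity(query, tpl)
        if score > best_score:
            best_score, best_tpl = score, tpl
    if best_tpl is not None and best_score >= STRONG_MATCH:
        return Decision(True, "routing", f"high risk: approved template (score {best_score:.2f})", best_tpl)
    return Decision(False, "routing", f"high risk: no strong template match (best {best_score:.2f})")


def security_review(query: str) -> Decision:
    """Deterministic review: a pattern hit refuses the query whatever the caller's role."""
    for pat in DANGEROUS_PATTERNS:
        if pat.search(query):
            return Decision(False, "security_review", f"blocked pattern {pat.pattern!r}")
    return Decision(True, "security_review", "no dangerous pattern", query)


def tool_access(query: str, role: str) -> Decision:
    """Tool-level RBAC: writes need an administrator; reads are open to any authenticated user."""
    if WRITE_VERBS.match(query) and role not in ADMIN_ROLES:
        return Decision(False, "rbac", f"write operation requires admin, caller is {role!r}")
    return Decision(True, "rbac", "permitted", query)


def guard(query: str, risk: str, role: str, approved_templates: list) -> Decision:
    """Run the layers in order. The first refusal wins; later layers never see the query."""
    decision = route(query, risk, approved_templates)
    if not decision.allowed:
        return decision
    # Review whatever will actually execute: the template text when one was substituted.
    decision = security_review(decision.query)
    if not decision.allowed:
        return decision
    return tool_access(decision.query, role)


if __name__ == "__main__":
    templates = ["SELECT total FROM ledger WHERE year = 2023"]   # constructed approved template
    for q, risk, role in [
        ("SELECT name FROM customers WHERE id = 7", "low", "user"),
        ("DROP TABLE customers", "low", "admin"),
        ("DELETE FROM logs WHERE id = 1", "medium", "user"),
        ("SELECT total FROM ledger WHERE year = 2024", "high", "user"),
        ("SELECT * FROM ledger", "high", "user"),
    ]:
        d = guard(q, risk, role, templates)
        print(f"{'ALLOW' if d.allowed else 'DENY ':5} [{d.layer}] {d.reason}")
```

Two points worth noticing when running it: `DROP TABLE customers` is refused by the security review even for an admin, which is the "regardless of user role" property, and a high-risk query that matches a template is reviewed as the template text, because that is what would execute.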

Human-in-the-Loop

Two surfaces provide manual oversight:

Tune Page

The admin control plane for managing the system’s learned knowledge:

  • Pending: queries awaiting approval; approve to make them reusable templates
  • Approved: active templates with reuse statistics
  • Declined/Rejected: queries that were blocked or rejected
  • Workflows: saved workflow templates that can be revoked or restored

Review Panel

Available in the artifact panel during chat sessions:

  • View pending review items for the current session
  • Approve, reject, or amend query results
  • Amendments are saved with corrections for future use

Audit Trail

Every query execution generates a unique correlation ID that flows through all logging and event emission:

  • Structured logs with session, user, and event type metadata
  • Real-time event stream includes correlation IDs for client-side tracing
  • Persistent records track every interaction for compliance and investigation
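An added illustration, in Python, of how one correlation ID can ride along every structured log line, real-time event, and persistent record for a single execution. This is not Squad's code: the logger name, the stage and event names, and the in-memory event stream and audit store are assumptions standing in for the product's real log schema and storage. The design point is that the ID lives in a `contextvars.ContextVar` for the duration of the execution, so no call site has to remember to pass it.

```python
import json
import logging
import uuid
from contextvars import ContextVar

# Assumed design: one ContextVar carries the correlation ID for the life of a query
# execution; a logging filter stamps it onto every record without explicit plumbing.
_correlation_id = ContextVar("correlation_id", default="-")


class CorrelationFilter(logging.Filter):
    """Attach the current correlation ID to every log record."""
    def filter(self, record):
        record.correlation_id = _correlation_id.get()
        return True


class JsonFormatter(logging.Formatter):
    """Structured line: correlation ID plus session, user and event-type metadata."""
    def format(self, record):
        return json.dumps({
            "level": record.levelname,
            "correlation_id": getattr(record, "correlation_id", "-"),
            "session_id": getattr(record, "session_id", None),
            "user_id": getattr(record, "user_id", None),
            "event_type": getattr(record, "event_type", None),
            "message": record.getMessage(),
        })


class ListHandler(logging.Handler):
    """Collects formatted lines in memory so the example runs offline and can be inspected."""
    def __init__(self):
        super().__init__()
        self.lines = []
    def emit(self, record):
        self.lines.append(self.format(record))


log = logging.getLogger("squad.audit")   # assumed logger name
log.setLevel(logging.INFO)
log.propagate = False
handler = ListHandler()
handler.setFormatter(JsonFormatter())
log.addHandler(handler)
log.addFilter(CorrelationFilter())

# Assumed stand-ins for the real-time event stream and the persistent audit store.
event_stream = []
audit_store = {}


def emit(event_type, **fields):
    """Emit to the event stream, the persistent store and the log, all tagged with the ID."""
    event = {"correlation_id": _correlation_id.get(), "event_type": event_type, **fields}
    event_stream.append(event)
    audit_store.setdefault(event["correlation_id"], []).append(event)
    meta = {k: fields[k] for k in ("session_id", "user_id") if k in fields}
    log.info(event_type, extra={"event_type": event_type, **meta})
    return event


def execute_query(session_id, user_id, query):
    """One query execution: mint a correlation ID, run the stages, return the ID."""
    cid = uuid.uuid4().hex
    token = _correlation_id.set(cid)
    try:
        meta = {"session_id": session_id, "user_id": user_id}
        emit("query.received", query=query, **meta)
        # Assumed stage names; the page's layer table only summarises the pipeline.
        emit("security_review.passed", **meta)
        emit("tool.executed", tool="read_only_search", **meta)
        emit("response.delivered", **meta)
    finally:
        _correlation_id.reset(token)   # never leak the ID into the next execution
    return cid


def trace(cid):
    """Persistent records for one execution, in order."""
    return audit_store.get(cid, [])


def logged_lines(cid):
    """Parsed structured log lines carrying a given correlation ID."""
    return [rec for rec in map(json.loads, handler.lines) if rec["correlation_id"] == cid]


def current_correlation_id():
    return _correlation_id.get()


if __name__ == "__main__":
    cid = execute_query("sess-1", "user-42", "SELECT name FROM customers")   # constructed input
    for line in logged_lines(cid):
        print(line)
```

`trace(cid)` is what an investigator would pull first: it reconstructs the whole interaction from the ID found on any single log line or event, which is the practical meaning of "full traceability".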
