if your agent went rogue right now, what's the code path that blocks it?
been going through the landscape and most things marketed as "ai governance" fall into three buckets:
- audit logs that tell you what happened after it happened... which is observability, not governance.
- llm-as-judge where a second model watches the first... probability watching probability. this falls apart the first time someone asks for a replay in a regulated context.
- policy docs sitting in a confluence page that never actually run in the execution loop.
what's missing across all three is execution-time enforcement... a layer between the agent's decision and the tool call that evaluates deterministically and either allows, blocks, or kicks it to a human. you get the same input, same decision, every time. there's no model in the middle.
this is almost certainly where healthcare and finance are going to land (first adopters due to compliance push), because "we'll improve next time" doesn't survive an audit.
is anyone actually running policy-as-code at the tool-call layer? or is most of the "enforcement" still llm-as-judge and logging?
for context, i'm building in this space. i'm not pitching... just want to hear how others are approaching it
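as an added illustration of the execution-time layer the post describes (not the poster's code or any product's), here is a deterministic, default-deny gate in python that sits between the agent's proposed tool call and its execution and returns allow / block / escalate plus a replayable record. the tool names, the rules and the `ask_human` callback are constructed assumptions.

```python
import hashlib
import json

ALLOW, BLOCK, ESCALATE = "allow", "block", "escalate"

# Constructed policy for illustration. Rules are data, not model output:
# evaluated top to bottom, first match wins, anything unmatched is denied.
# A condition is {"arg": (op, value)}; every condition in a rule must hold.
POLICY = [
    {"tool": "db_query", "where": {"table": ("eq", "patient_records"), "limit": ("gt", 100)},
     "decision": ESCALATE, "reason": "bulk read of PHI requires human approval"},
    {"tool": "db_query", "where": {"table": ("eq", "patient_records"), "limit": ("lte", 100)},
     "decision": ALLOW, "reason": "small bounded PHI reads are in scope"},
    {"tool": "http_post", "where": {"url": ("prefix", "https://api.internal.example/")},
     "decision": ALLOW, "reason": "allow-listed egress host"},
    {"tool": "http_post", "where": {},
     "decision": BLOCK, "reason": "egress to any other host is blocked"},
]
DEFAULT = (BLOCK, "no rule matched: default deny")

# Operators are plain functions; a missing or mistyped argument never matches.
OPS = {
    "eq": lambda actual, want: actual == want,
    "gt": lambda actual, want: isinstance(actual, (int, float)) and actual > want,
    "lte": lambda actual, want: isinstance(actual, (int, float)) and actual <= want,
    "prefix": lambda actual, want: isinstance(actual, str) and actual.startswith(want),
}

def _matches(rule, tool, args):
    if rule["tool"] != tool:
        return False
    return all(OPS[op](args.get(arg), want) for arg, (op, want) in rule["where"].items())

def evaluate(tool, args):
    """Decide on one proposed tool call. The same (tool, args) always yields the
    same decision, and the returned record is enough to replay it in an audit."""
    for idx, rule in enumerate(POLICY):
        if _matches(rule, tool, args):
            decision, reason = rule["decision"], rule["reason"]
            break
    else:
        idx, (decision, reason) = None, DEFAULT
    # Canonical JSON so the hash is stable regardless of argument ordering.
    canon = json.dumps({"tool": tool, "args": args}, sort_keys=True, separators=(",", ":"))
    return {"decision": decision, "rule": idx, "reason": reason,
            "input_sha256": hashlib.sha256(canon.encode()).hexdigest()}

def gate(tool, args, execute, ask_human):
    """The enforcement point: the agent never reaches `execute` directly."""
    verdict = evaluate(tool, args)
    if verdict["decision"] == ALLOW:
        return verdict, execute(tool, args)
    if verdict["decision"] == ESCALATE and ask_human(tool, args, verdict):
        return verdict, execute(tool, args)
    return verdict, None
```

note that a `db_query` with no `limit` at all falls through every rule and is denied by default, which is the behaviour you want when an unbounded read was never explicitly allowed.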