Agent Tooling & Prompts
Three-Tier Framework
BayanCore AI agents follow a three-tier framework. Each tier grants the agent more autonomy than the one before it, and therefore requires stricter guardrails.
Tier 1: Ask
- Natural language queries over company data
- Read-only access to documents, reports, dashboards
- RAG-powered responses with source citations
- No system changes
Tier 2: Act
- AI performs actions on behalf of the user
- Drafts documents, creates records, suggests workflows
- All changes require human review before commit
- Tool registry with JSON schemas and RBAC
Tier 3: Automate
- Fully automated workflows for repetitive tasks
- Requires explicit user opt-in
- Strict validation rules and rollback capability
- Audit trail for every automated action
Tool Registry
- JSON schema definitions for all available tools
- RBAC-based tool access per user role
- Versioned tool contracts
- Tool execution logging and audit
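The registry described above, as an added Python illustration (not BayanCore's code): each tool carries a versioned name, a JSON-schema contract for its arguments, the roles allowed to call it, and the tier it belongs to, so that Tier 1 tools execute directly, Tier 2 tools only produce a draft awaiting human review, and Tier 3 tools run unattended only for users who opted in. Every invocation, including denied ones, lands in the audit log. The schema validator covers only a small subset of JSON Schema, and the tool names, roles and handler data are constructed.

```python
"""Tool registry: JSON-schema argument contracts, per-role access, versioning, audit log.
Added illustration, not BayanCore's code; tool names, roles and data are constructed."""
from dataclasses import dataclass, field
from typing import Any, Callable
import time

# Subset of JSON Schema enforced here: type, properties, required, additionalProperties.
_TYPES = {"string": str, "number": (int, float), "integer": int,
          "boolean": bool, "object": dict, "array": list}


def validate(schema: dict, value: Any, path: str = "$") -> list:
    """Return violations as strings; an empty list means the arguments match the contract."""
    kind = schema.get("type")
    expected = _TYPES.get(kind)
    if expected is not None and not isinstance(value, expected):
        return [f"{path}: expected {kind}"]
    if kind in ("number", "integer") and isinstance(value, bool):
        return [f"{path}: expected {kind}"]   # bool is a subclass of int in Python
    errors = []
    if kind == "object":
        for key in schema.get("required", []):
            if key not in value:
                errors.append(f"{path}.{key}: required")
        props = schema.get("properties", {})
        for key, sub in value.items():
            if key in props:
                errors.extend(validate(props[key], sub, f"{path}.{key}"))
            elif schema.get("additionalProperties", True) is False:
                errors.append(f"{path}.{key}: not in contract")
    return errors


@dataclass
class Tool:
    name: str
    version: str               # callers pin name@version, so contracts can evolve safely
    tier: int                  # 1 read-only, 2 acts but needs review, 3 automated (opt-in)
    roles: frozenset           # roles permitted to invoke the tool
    schema: dict               # JSON-schema contract for the arguments
    handler: Callable[..., Any]


@dataclass
class Registry:
    tools: dict = field(default_factory=dict)
    opt_ins: dict = field(default_factory=dict)   # tool key -> users who opted in to tier 3
    audit: list = field(default_factory=list)

    def register(self, tool: Tool) -> None:
        self.tools[f"{tool.name}@{tool.version}"] = tool

    def invoke(self, key: str, user: str, role: str, args: dict) -> dict:
        tool = self.tools.get(key)
        if tool is None:
            raise KeyError(f"unknown tool {key}")
        entry = {"ts": time.time(), "user": user, "role": role, "tool": key, "args": args}
        self.audit.append(entry)          # logged before execution; outcome filled in below
        if role not in tool.roles:
            entry["outcome"] = "denied:rbac"
            raise PermissionError(f"role {role!r} may not call {key}")
        errors = validate(tool.schema, args)
        if errors:
            entry["outcome"] = "denied:schema"
            raise ValueError("; ".join(errors))
        if tool.tier == 1:
            result = {"status": "executed", "result": tool.handler(**args)}
        elif tool.tier == 2:
            # Tier 2: the tool only drafts; a human commits the change elsewhere.
            result = {"status": "pending_review", "proposed": tool.handler(**args)}
        elif user in self.opt_ins.get(key, set()):
            result = {"status": "automated", "result": tool.handler(**args)}
        else:
            entry["outcome"] = "denied:no_opt_in"
            raise PermissionError(f"{user} has not opted in to automation for {key}")
        entry["outcome"] = result["status"]
        return result


# Constructed handlers standing in for real data-layer calls.
def lookup_balance(account_id: str) -> dict:
    return {"account_id": account_id, "balance": 1250.0}


def draft_invoice(customer: str, amount: float) -> dict:
    return {"customer": customer, "amount": amount, "state": "draft"}


def build_registry() -> Registry:
    reg = Registry()
    reg.register(Tool("lookup_balance", "1.0", 1, frozenset({"analyst", "finance"}),
                      {"type": "object", "required": ["account_id"], "additionalProperties": False,
                       "properties": {"account_id": {"type": "string"}}}, lookup_balance))
    reg.register(Tool("draft_invoice", "1.0", 2, frozenset({"finance"}),
                      {"type": "object", "required": ["customer", "amount"],
                       "additionalProperties": False,
                       "properties": {"customer": {"type": "string"}, "amount": {"type": "number"}}},
                      draft_invoice))
    return reg
```

The audit entry is appended before the handler runs, so a crash inside the tool still leaves a record of who called what with which arguments; pinning `name@version` lets a contract change ship as a new version without silently breaking callers of the old one.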
Safety Guardrails
Input Validation
- Prompt injection detection
- PII redaction before LLM processing
- Rate limiting and abuse prevention
- Content filtering for inappropriate requests
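Two of the input guardrails above, PII redaction before the prompt reaches the model and per-user rate limiting, as an added Python illustration (not BayanCore's code). The patterns are deliberately coarse: a card-number candidate is only redacted when it passes the Luhn checksum, and the sample prompt, limits and identifier formats are constructed.

```python
"""Input guardrails applied before a prompt reaches the model: PII redaction and a
per-user sliding-window rate limit. Added illustration, not BayanCore's code; the
patterns, limits and sample prompt are constructed."""
import re
import time
from collections import deque
from typing import Optional

# Coarse patterns for the illustration; a deployment would add its own identifier formats.
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
PHONE = re.compile(r"(?<!\d)\+?\d[\d\s().-]{7,}\d(?!\d)")
CARD = re.compile(r"(?<!\d)(?:\d[ -]?){13,19}(?!\d)")   # candidate; confirmed with Luhn


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to avoid redacting ordinary long numbers as card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def redact(text: str) -> tuple:
    """Replace PII with typed placeholders; returns (clean_text, counts_by_type)."""
    counts = {}

    def card_sub(m):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            counts["CARD"] = counts.get("CARD", 0) + 1
            return "[CARD]"
        return m.group()

    text = CARD.sub(card_sub, text)          # cards first: they would also match PHONE
    for label, pattern in (("EMAIL", EMAIL), ("PHONE", PHONE)):
        text, n = pattern.subn(f"[{label}]", text)
        if n:
            counts[label] = n
    return text, counts


class RateLimiter:
    """Sliding-window limiter: at most `limit` prompts per user in any `window_s` seconds."""

    def __init__(self, limit: int, window_s: float):
        self.limit, self.window = limit, window_s
        self.hits = {}

    def allow(self, user: str, now: Optional[float] = None) -> bool:
        now = time.monotonic() if now is None else now
        q = self.hits.setdefault(user, deque())
        while q and now - q[0] >= self.window:
            q.popleft()                      # drop hits that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def prepare_prompt(user: str, text: str, limiter: RateLimiter,
                   now: Optional[float] = None) -> dict:
    """Gate, then sanitize; only the redacted text is eligible to be sent onward."""
    if not limiter.allow(user, now):
        return {"accepted": False, "reason": "rate_limited"}
    clean, counts = redact(text)
    return {"accepted": True, "prompt": clean, "redacted": counts}
```

The redaction counts are worth logging alongside the request: a sudden rise in redacted identifiers per user is a useful abuse signal in its own right, and the placeholders let the model keep the sentence structure without ever seeing the raw values.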
Output Validation
- Financial data cross-referencing
- Deterministic rule validation
- Hallucination detection
- Confidence scoring and uncertainty flags
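The output guardrails above, as an added Python illustration (not BayanCore's code): figures stated in a generated answer are cross-referenced against the source records the retrieval step returned, a deterministic accounting rule is evaluated over the stated figures, any number with no matching source is treated as a hallucination signal, and the result is condensed into a confidence score with an uncertainty flag. The answer text, source values and rule are constructed.

```python
"""Output guardrails: cross-reference figures in a generated answer against the source
records the RAG step retrieved, apply a deterministic rule, and turn the result into a
confidence score with an uncertainty flag. Added illustration, not BayanCore's code;
the answer text, source figures and rule are constructed."""
import re
from decimal import Decimal

# A number token: digits with optional thousands separators and decimals, not glued to a word.
NUMBER = r"-?\d(?:[\d,]*\d)?(?:\.\d+)?"
NUMBER_RE = re.compile(rf"(?<![\w.]){NUMBER}(?!\w|\.\d)")


def extract_numbers(text: str) -> list:
    """Every free-standing number in the text, as Decimal (so 1,250,000 == 1250000)."""
    return [Decimal(m.group().replace(",", "")) for m in NUMBER_RE.finditer(text)]


def stated_values(answer: str, labels) -> dict:
    """Map each metric label to the first figure stated within 30 characters after it."""
    found = {}
    for label in labels:
        m = re.search(rf"\b{re.escape(label)}\b\D{{0,30}}?({NUMBER})", answer, re.IGNORECASE)
        if m:
            found[label] = Decimal(m.group(1).replace(",", ""))
    return found


def validate_answer(answer: str, sources: dict, rules: dict) -> dict:
    """sources: metric -> value from the retrieved records; rules: name -> predicate."""
    stated = stated_values(answer, sources)
    ungrounded = {k: v for k, v in stated.items() if sources[k] != v}
    stray = [n for n in extract_numbers(answer) if n not in set(sources.values())]
    failed = [name for name, rule in rules.items() if not rule(stated)]
    grounded = len(stated) - len(ungrounded)
    confidence = round(grounded / len(stated), 2) if stated else 0.0
    return {"stated": stated, "ungrounded": ungrounded, "stray_numbers": stray,
            "failed_rules": failed, "confidence": confidence,
            "flag": bool(ungrounded or stray or failed)}


# Constructed source records and rule for the illustration.
SOURCES = {"revenue": Decimal("1250000"), "costs": Decimal("800000"), "profit": Decimal("450000")}
RULES = {
    "profit = revenue - costs": lambda s: (
        {"profit", "revenue", "costs"} <= set(s) and s["profit"] == s["revenue"] - s["costs"]),
}
```

The two checks fail independently: a figure can match its source yet break the rule (the model mixed up periods), or satisfy the rule yet match nothing in the sources (the model invented a consistent set of numbers), which is why a flagged answer should carry both the rule names and the stray figures back to the reviewer rather than a bare score.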
Execution Guardrails
- RBAC enforcement on all AI actions
- Transaction limits per user/role
- Time-based restrictions (e.g., no overnight automated actions)
- Approval workflows for high-risk operations
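The execution guardrails above combined into a single pre-execution policy gate, as an added Python illustration (not BayanCore's code): the check runs role entitlement, the time window, the per-role transaction limit and, for high-risk actions, the approval requirement in that order, and returns a decision with a reason the audit log can keep. Roles, actions, limits and the business-hours window are constructed.

```python
"""Pre-execution policy gate for AI-initiated actions: RBAC, per-role transaction limits,
time windows and an approval requirement for high-risk operations.
Added illustration, not BayanCore's code; the policy values below are constructed."""
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional


@dataclass(frozen=True)
class RolePolicy:
    actions: frozenset      # actions the role may ask the agent to perform
    tx_limit: float         # ceiling for a single transaction (constructed units)
    window: tuple           # (start, end) local times in which state changes may run


READ_ONLY = {"read_report"}             # never subject to limits or time windows
HIGH_RISK = {"create_payment"}          # always routed through an approval workflow

POLICIES = {
    "analyst": RolePolicy(frozenset({"read_report"}), 0.0, (time(0, 0), time(23, 59, 59))),
    "finance": RolePolicy(frozenset({"read_report", "create_payment"}), 10_000.0,
                          (time(8, 0), time(18, 0))),
}


@dataclass(frozen=True)
class Decision:
    verdict: str    # "allow", "deny" or "needs_approval"
    reason: str     # kept in the audit trail alongside the action


def evaluate(user: str, role: str, action: str, amount: float, when: datetime,
             approver: Optional[dict] = None) -> Decision:
    """Decide whether the agent may run `action` for `user`; approver is {"user", "role"}."""
    policy = POLICIES.get(role)
    if policy is None or action not in policy.actions:
        return Decision("deny", f"role {role!r} may not perform {action}")
    if action in READ_ONLY:
        return Decision("allow", "read-only action")
    start, end = policy.window
    if not start <= when.time() <= end:
        return Decision("deny", f"{action} outside permitted window {start}-{end}")
    if amount > policy.tx_limit:
        return Decision("deny", f"amount {amount} exceeds {role!r} limit {policy.tx_limit}")
    if action in HIGH_RISK:
        if approver is None:
            return Decision("needs_approval", f"{action} requires human sign-off")
        approver_policy = POLICIES.get(approver["role"])
        # Separation of duties: the approver must be a different person who is
        # themselves entitled to the action.
        if (approver["user"] == user or approver_policy is None
                or action not in approver_policy.actions):
            return Decision("deny", "approver must be a different user entitled to the action")
    return Decision("allow", "within policy")
```

Evaluating the cheap, deterministic checks before the approval step means a request that would be denied anyway never reaches a human approver's queue, and the `needs_approval` verdict is what the Tier 2 review workflow consumes: the action is parked until a second entitled user signs it off.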
Safety Principles
- Human-in-the-Loop: All financial actions require human approval
- Source Attribution: Every AI response cites its data sources
- Permission Boundaries: the AI can access only data that the requesting user is already permitted to access
- Audit Trail: All AI interactions are logged and reviewable
- Rollback Capability: Every AI action can be undone