AI Infrastructure Q&A
Clear, technical answers to the most common questions about deterministic policy enforcement, EAAP, and governing AI agents.
Why does Exogram exist?
LLMs generate probabilistic outputs but lack execution boundaries and accountability. Most companies scale autonomous agents without governance infrastructure. The goal is deployable AI systems enterprises can control. Exogram introduces a 4-layer control plane to govern runtime execution.
What does deterministic policy enforcement mean?
An AI agent's proposed actions are gated by strict rules (code) rather than probabilistic inference (models). If an LLM hallucinates an action that violates policy, the infrastructure blocks it deterministically.
What is the Exogram Action Admissibility Protocol (EAAP)?
EAAP is the open protocol standardizing how AI agent actions are verified and approved before execution. It defines the payload structure for sending an agent's intent to the control plane for admissibility testing.
How is Exogram different from guardrails?
Guardrails primarily constrain outputs—they evaluate text to prevent toxicity or jailbreaks. Exogram governs runtime execution. We adjudicate the admissibility of a system call before execution happens, regardless of what the LLM hallucinates.
How is Exogram different from MCP?
MCP standardizes communication between models and tools. Exogram operates at a different layer: we govern the admissibility and execution authorization of that invocation. MCP provides the plug; Exogram acts as the circuit breaker.
Where is policy enforcement executed?
Enforcement happens via pre-execution interception at the API edge. The agent framework routes its tool execution request through Exogram. We evaluate the payload against the tenant's control plane constraints before returning an authorization verdict.
How do you validate state?
We validate state using an append-only audit ledger. Before an action is authorized, we project the proposed state change against the ledger. If it conflicts with a previously validated invariant, the action is denied based on state conflict, not prompt engineering.
Can policies be bypassed?
Not at the infrastructure level. Because Exogram sits between the agent orchestration layer and your production APIs, the agent within the Exogram-governed path cannot execute a system call without authorization through the Exogram control plane.
How does this integrate with existing agent frameworks?
We provide a universal interception layer. You wrap your existing tool calls with the Exogram client. Instead of the agent executing directly, it submits the proposed payload to Exogram. We return a verdict, and your framework executes only if authorized.
How is auditability implemented?
Every evaluated action is logged to a tamper-evident audit trail attached to the agent execution identity. It logs the exact payload, the state hash, the specific rules evaluated, and the final verdict.
What are the trust boundaries?
The primary trust boundary is the Exogram API. We assume the agent itself is untrusted and highly probabilistic. The trusted zone begins at the interception gateway, where payload evaluation and policy enforcement occur within the bounded control plane.
Ready to deploy deterministic infrastructure?