Audit a handoff between two chain stages. Returns a context capsule with verified facts from the prior stage and checks structural compatibility of proposed data for the next stage. Use this between chain stages to ensure Agent B receives only verified data from Agent A, and that nothing was muta...
Risk signalsHandles credentials or secrets (api_key)
Part of the Governance Platform server.
Free to start. No card required.
AI agents invoke handoff_audit to trigger processes or run actions in Governance Platform. Execute operations can have side effects beyond the immediate call -- triggering builds, sending notifications, or starting workflows. Rate limits and argument validation are essential to prevent runaway execution.
handoff_audit can trigger processes with real-world consequences. An uncontrolled agent might start dozens of builds, send mass notifications, or kick off expensive compute jobs. PolicyLayer enforces rate limits and validates arguments to keep execution within safe bounds.
Execute tools trigger processes. Rate-limit and validate arguments to prevent unintended side effects.
{
"version": "1",
"default": "deny",
"tools": {
"handoff_audit": {
"limits": [
{
"counter": "handoff_audit_rate",
"window": "minute",
"max": 10,
"scope": "grant"
}
]
}
}
}See the full Governance Platform policy for all 31 tools.
These attack patterns abuse exactly the kind of access handoff_audit gives an agent. Each links to the full case and the policy that stops it:
Other execute tools across the catalogue. The same approach applies to each: rate-limit and validate the arguments.
Audit a handoff between two chain stages. Returns a context capsule with verified facts from the prior stage and checks structural compatibility of proposed data for the next stage. Use this between chain stages to ensure Agent B receives only verified data from Agent A, and that nothing was mutated in transit. Sibling tools: create_chain (define the pipeline), submit_chain_stage (advance through it), handoff_audit (verify between stages). The context capsule contains: - Verified fields and their values from the prior stage - Determinism hash proving the prior stage's results - Blueprint constraints the next stage must satisfy - Compatibility verdict if proposed_data is provided Args: api_key: GeodesicAI API key (starts with gai_) chain_id: Chain identifier from create_chain from_stage: Stage name that completed (Agent A) to_stage: Stage name about to start (Agent B) proposed_data: Optional data Agent B intends to submit — checked for compatibility. It is categorised as a Execute tool in the Governance Platform MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.
Register the Governance Platform MCP server in PolicyLayer and add a rule for handoff_audit: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Governance Platform. Nothing to install.
handoff_audit is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.
Yes. Add a rate_limit block to the handoff_audit rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for handoff_audit. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
handoff_audit is provided by the Governance Platform MCP server (https://app.geodesiclabs.ai/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Deterministic rules across all 31 Governance Platform tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.
Free to start. No card required.
4,600+ MCP servers and 31,000+ tools scanned and risk-classified.