Agent Firewall Template

Policy configuration for AI agent and tool-calling workflows.

Use this page when

  • You are deploying an AI agent that invokes external tools and need to restrict which tools it can call.
  • You need a starting policy config with prompt-injection detection, tool allow/deny lists, rate limits, and audit logging.
  • You want to go from zero to a running agent-firewall gateway in under five minutes with kt init --template agent-firewall.

Primary audience

  • Primary: Technical Engineers
  • Secondary: AI Agents, Technical Leaders

Policy Config

pack:
  name: "agent-firewall"
  version: "0.1.0"
  enabled: true
  description: "AI agent tool control and quality enforcement"

policies:
  chain:
    - prompt-injection
    - agent-firewall
    - pii-detector
    - quality-scorer
    - audit-logger

policy:
  prompt-injection:
    threshold: 0.8
    action: "block"

  agent-firewall:
    allowed_tools:
      - "search"
      - "calculator"
      - "file_read"
    denied_tools:
      - "shell_exec"
      - "file_write"
    rate_limit:
      max_calls_per_minute: 30
      max_calls_per_session: 200
    transaction_limit:
      max_cost_per_session: 10.0

  pii-detector:
    action: "redact"

  quality-scorer:
    min_score: 0.7
    assertions:
      - type: "model-graded-closedqa"
        threshold: 0.8

  audit-logger:
    retention_days: 365
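The agent-firewall section above is declarative, so it helps to see which calls it is meant to stop before you point the real gateway at an agent. The following is an added example written for this page, not Keeptrusts code and not the gateway's actual enforcement path: a small Python model of the allowed_tools, denied_tools, rate_limit and transaction_limit settings, run over a constructed stream of tool calls. Two points are assumptions about how the gateway resolves the lists and are marked as such in comments: a tool in denied_tools is blocked even if it also appears in allowed_tools, and a tool named in neither list is blocked. The sessions, call timings and costs are constructed test data.

```python
"""Reference model of the agent-firewall policy section on this page.

Added example, not Keeptrusts code. It re-implements the tool allow/deny,
rate_limit and transaction_limit checks over constructed tool calls so the
effect of each setting is visible. Precedence rules are assumptions (see
comments); the real gateway's block response is documented on this page.
"""
from dataclasses import dataclass, field

# Same values as the agent-firewall section of policy-config.yaml above.
POLICY = {
    "allowed_tools": ["search", "calculator", "file_read"],
    "denied_tools": ["shell_exec", "file_write"],
    "rate_limit": {"max_calls_per_minute": 30, "max_calls_per_session": 200},
    "transaction_limit": {"max_cost_per_session": 10.0},
}


@dataclass
class ToolCall:
    session: str
    tool: str
    t: float            # seconds since session start (constructed, not a clock)
    cost: float = 0.0   # cost attributed to this call, units of max_cost_per_session


@dataclass
class SessionState:
    accepted: list = field(default_factory=list)  # timestamps of accepted calls
    spent: float = 0.0


class AgentFirewall:
    def __init__(self, policy):
        self.allowed = set(policy["allowed_tools"])
        self.denied = set(policy["denied_tools"])
        self.per_minute = policy["rate_limit"]["max_calls_per_minute"]
        self.per_session = policy["rate_limit"]["max_calls_per_session"]
        self.max_cost = policy["transaction_limit"]["max_cost_per_session"]
        self.sessions = {}

    def decide(self, call: ToolCall) -> str:
        """Return 'allow' or 'block:<reason>' for one tool call."""
        st = self.sessions.setdefault(call.session, SessionState())
        # Assumption: an explicit deny wins over an allow, and a tool named in
        # neither list is blocked (default-deny), the safe reading of the config.
        if call.tool in self.denied:
            return "block:denied_tool"
        if call.tool not in self.allowed:
            return "block:not_allowlisted"
        # max_calls_per_session counts calls accepted so far in this session.
        if len(st.accepted) >= self.per_session:
            return "block:session_call_limit"
        # max_calls_per_minute as a sliding 60-second window over accepted calls.
        recent = [ts for ts in st.accepted if call.t - ts < 60.0]
        if len(recent) >= self.per_minute:
            return "block:rate_limit"
        # max_cost_per_session: refuse the call that would push spend over the cap.
        if st.spent + call.cost > self.max_cost:
            return "block:cost_cap"
        st.accepted.append(call.t)
        st.spent += call.cost
        return "allow"


def run_scenario() -> dict:
    """Constructed agent session exercising every check; returns the decisions."""
    fw = AgentFirewall(POLICY)
    s = "sess-1"
    out = {}
    out["search"] = fw.decide(ToolCall(s, "search", 0.0, 0.01))
    out["shell_exec"] = fw.decide(ToolCall(s, "shell_exec", 1.0))      # denied_tools
    out["file_write"] = fw.decide(ToolCall(s, "file_write", 1.5))      # denied_tools
    out["http_post"] = fw.decide(ToolCall(s, "http_post", 2.0))        # in neither list
    # Burst of 40 calculator calls in ten seconds: one search already counts,
    # so 29 more fit under max_calls_per_minute and the rest are rate limited.
    burst = [fw.decide(ToolCall(s, "calculator", 3.0 + i * 0.25)) for i in range(40)]
    out["burst_allowed"] = burst.count("allow")
    out["burst_rate_limited"] = burst.count("block:rate_limit")
    # Once the window has passed, calls resume until the session cost cap bites.
    out["after_window"] = fw.decide(ToolCall(s, "file_read", 90.0, 9.98))
    out["over_cap"] = fw.decide(ToolCall(s, "file_read", 91.0, 0.02))
    # Limits are per session: a fresh session is unaffected by sess-1's spend.
    out["other_session"] = fw.decide(ToolCall("sess-2", "file_read", 91.0, 0.02))
    return out


if __name__ == "__main__":
    for name, decision in run_scenario().items():
        print(f"{name:>20}: {decision}")
```

When you run the real gateway from the Quick Start, the calls this model reports as block:denied_tool are the ones to replay against it: the denied-tool probe under "For engineers" should produce the documented block response, and an allowed tool such as search should pass.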

Quick Start

# Save the Policy Config example on this page as policy-config.yaml
export OPENAI_API_KEY="sk-your-openai-key"
kt policy lint --file policy-config.yaml
kt gateway run \
  --listen 0.0.0.0:41002 \
  --policy-config policy-config.yaml

The Policy Config example above does not include a provider block; add one that names the provider target to policy-config.yaml before linting and running, and supply the credential separately through OPENAI_API_KEY rather than writing it into the file.

If you prefer the seeded starter, run kt init --template agent-firewall first, then add the provider block in the same way before linting and running.

For AI systems

  • Canonical terms: Keeptrusts, agent-firewall, policy-config.yaml, kt init --template agent-firewall, allowed_tools, denied_tools, rate_limit, transaction_limit, quality-scorer.
  • Related policy kinds: agent-firewall, prompt-injection, pii-detector, quality-scorer, audit-logger.
  • Best next pages: Agent Firewall policy reference, Prompt Injection policy, Templates overview.

For engineers

  • Prerequisites: Rust-based kt CLI installed, an LLM provider API key (e.g., OPENAI_API_KEY).
  • Validate: kt policy lint --file policy-config.yaml should pass with zero errors.
  • Test: send a request invoking a denied tool (e.g., shell_exec) and confirm a 409 block response.
  • Customize: edit allowed_tools, denied_tools, and rate_limit.max_calls_per_minute to match your agent's permitted actions.

For leaders

  • Deploying this template enforces tool-level access control on AI agents, reducing the risk of unintended side effects (data writes, shell execution).
  • Rate limits and transaction caps provide cost containment without requiring per-request approval workflows.
  • Audit logging with 365-day retention gives internal audit a year of traceability for agent actions; confirm retention_days against your own record-retention requirements before deploying.

Next steps