Admin workspace

Backend-mediated reads and writes only
Guarded runtime
Sign inReview queue

Settings

Workspace-scoped control center settings. Mutations will require backend CSRF and authorization checks.

Workspace

Guardrails

Frontend shell only
  • Direct provider API callsDisabled
  • Risky model-originated writesApproval required
  • Session exchangeBackend required