Set up agent guardrails

Last updated Mar 30, 2026

Guardrails are workspace-level policies that control what your agents are allowed to do. You configure them once in MultiClaw Cloud > Settings > Guardrails, and every agent in the workspace operates within those boundaries.

Allowed domains

The Allowed domains list restricts which websites agents can visit during browser automation. Agents are restricted to domains on this list.

Add each domain you want agents to access. Use the root domain (e.g., example.com) to include all subpages. Leave the list empty to allow all domains — adding even one entry activates enforcement.

Blocked tools

Blocked tools lets you disable specific MCP tools or entire tool categories across the workspace. For example, you can disable file deletion or block all external API calls.

Toggle individual tools off, or use a category toggle to disable a group at once. Blocked tools are hidden from agents entirely — agents cannot request approval to use them.

Approval requirements

Approval requirements define which action types must pause for human review before the agent proceeds. Common examples include sending emails, making purchases, and writing files.

Enable an action type to require approval whenever any agent attempts it. The agent pauses and awaits human review before proceeding with this action type.

Maximum token budget

Maximum token budget caps the total tokens an agent can consume per task. This prevents runaway costs from long or looping tasks.

Set the cap in tokens. When an agent reaches the limit mid-task, it stops and reports the budget as exhausted. You can increase the cap at any time.

LLM provider restrictions

LLM provider restrictions limit which AI model providers agents are permitted to use. Use this to enforce a single enterprise provider or exclude providers that don't meet your data residency requirements.

Select the providers you want to allow. Agents that would otherwise use a restricted provider will fail to start and display a policy error.

Per-agent overrides

Individual agents can have additional restrictions configured on top of the workspace defaults. Per-agent guardrails can only be more restrictive — they cannot loosen a workspace-level policy.

Note:

Guardrail policies are enforced at the platform level. Test agent behaviour in a controlled environment before deploying to production workflows.

Related articles

Manage your workspace

Update workspace name, timezone, default guardrails, and view usage.

Invite and manage team members

Add members to your workspace, assign roles, and control access permissions.

Monitor agent and token usage

View token consumption, cloud desktop activity, and team member counts from the usage dashboard.