What is Tool-call Governance?
Tool-call Governance is the Scavio layer that records every tool invocation with the originating prompt, the full response payload, the agent session, and the authenticated user. Security and compliance teams query the log for anomalies, enforce per-user rate limits, and prove to auditors which queries ran against which external sources. Policies can block queries by pattern, redact response fields before the model sees them, or require human approval for high-cost queries.
Example Response
{ "call_id": "c_8f", "user": "alice@acme.com", "query": "competitor x pricing", "status": "allowed", "cost_credits": 1, "policy_matches": [] }
Use Cases
- Regulated industries needing tool-call audit trails
- Internal agents with per-user cost attribution
- Security review of agent behavior
- Compliance evidence for SOC 2 and ISO
Why Tool-call Governance Matters
Agent deployments without tool-call governance cannot answer basic compliance questions about what the agent accessed, for whom, and when.
LangChain Example
Drop tool-call governance data into your LangChain agent in a few lines:
tool = ScavioSearch(governance=GovernancePolicy(log_full_response=True, redact_fields=["emails"]))
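The policy actions described above (block by pattern, redact response fields, hold high-cost queries for approval), as an added Python example; it is not Scavio's code or API. The Policy class, governed_call, the "blocked" and "pending_approval" status values, and the session, prompt and response record fields are assumptions; the other record fields follow the example response.

```python
import re
from dataclasses import dataclass, field

@dataclass
class Policy:  # hypothetical; not Scavio's GovernancePolicy
    block_patterns: list = field(default_factory=list)  # regexes tested against the query
    redact_fields: list = field(default_factory=list)   # response keys hidden from the model
    approval_threshold: int = 10                         # credits above which a human approves

AUDIT_LOG = []  # stand-in for an append-only audit store

def redact(value, fields):
    """Recursively replace the values of the named keys in a response payload."""
    if isinstance(value, dict):
        return {k: "[REDACTED]" if k in fields else redact(v, fields) for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v, fields) for v in value]
    return value

def governed_call(tool, policy, *, call_id, user, session, prompt, query, cost_credits):
    """Evaluate the policy, run the tool only if allowed, and log one record per invocation."""
    matches = [p for p in policy.block_patterns if re.search(p, query, re.IGNORECASE)]
    if matches:
        status = "blocked"            # assumed status value
    elif cost_credits > policy.approval_threshold:
        status = "pending_approval"   # assumed status value
    else:
        status = "allowed"
    raw = tool(query) if status == "allowed" else None
    AUDIT_LOG.append({
        "call_id": call_id, "user": user, "session": session, "prompt": prompt,
        "query": query, "status": status, "policy_matches": matches,
        "cost_credits": cost_credits if status == "allowed" else 0,  # charge only calls that ran
        "response": raw,  # unredacted payload, kept for auditors only
    })
    # The model receives the redacted view, and nothing at all unless the call was allowed.
    return status, (redact(raw, set(policy.redact_fields)) if raw is not None else None)

def fake_search(query):  # constructed stand-in for an external search tool
    return {"results": [{"title": "Pricing page", "emails": ["sales@example.com"]}]}

POLICY = Policy(block_patterns=[r"\bpassword\b"], redact_fields=["emails"], approval_threshold=5)

if __name__ == "__main__":
    samples = [("competitor x pricing", 1), ("admin password list", 1), ("bulk crawl", 50)]
    for i, (q, cost) in enumerate(samples):  # constructed sample queries
        print(governed_call(fake_search, POLICY, call_id=f"c_{i}", user="alice@acme.com",
                            session="s_1", prompt="research task", query=q, cost_credits=cost))
```

The audit record keeps the unredacted response, so the log store itself needs access controls at least as strict as the data sources behind the tool.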