Public beta operational patterns

Reference patterns for high-risk autonomous workflows.

Conceptual implementations for payments, shell controls, MCP boundaries, database writes, and early multi-agent handoff checks. These are reference patterns, not customer deployments.

Operational Patterns

Operational Pattern 01: Payment Threshold Authorization

Payment agents can create real financial side effects. CapFence sits before the payment API and evaluates the requested transfer before money moves.

Read pattern
Operational Patterns

Operational Pattern 02: Shell Execution Boundary

Shell access is one of the highest-risk capabilities an agent can hold. CapFence wraps the shell tool and evaluates command shape before a process is spawned.

Read pattern
Operational Patterns

Operational Pattern 03: MCP Filesystem Boundary

MCP servers often trust the client completely. CapFence runs as a proxy before the upstream MCP server and evaluates each tool call.

Read pattern
Operational Patterns

Operational Pattern 04: Database Write & Schema-Change Boundary

Text-to-SQL agents can generate destructive queries. CapFence evaluates the request class before the database connection executes it.

Read pattern
Operational Patterns

Operational Pattern 05: Experimental Agent Handoff Checks

Multi-agent systems can pass untrusted context into privileged execution. CapFence can evaluate adapter-provided handoff metadata before allowing a privileged tool call.

Read pattern