Cognipeer

developers

HomeUse Cases
Use Cases
/

Enterprise AI Governance

Enterprise AI Governance

Enforce guardrails, track usage, manage projects, and observe all AI operations from a single control plane.

Console
Agent SDK

Overview

Enterprise AI deployments need governance: who can access what, how much they're spending, what the AI is actually saying, and whether it's staying within policy. Cognipeer provides this through Console's observability layer and Agent SDK's runtime guardrails.

This guide covers setting up enterprise-grade governance across your AI infrastructure.

Architecture

Console provides the control plane: project management, API key scoping, usage tracking, tracing, and dashboard-level observability.

Agent SDK adds runtime-level governance with input/output guardrails, content filtering, and approval workflows.

1. Project-Scoped API Keys

Console organises resources into projects. Each project gets its own API keys, models, and usage quotas.

// Each project has isolated API keys
// Configure via Console dashboard:
// 
// Project: "Customer Support"
//   - API Key: cp_support_xxx
//   - Allowed models: gpt-4o, claude-3.5-sonnet
//   - Rate limit: 100 req/min
//
// Project: "Internal Tools"
//   - API Key: cp_internal_xxx
//   - Allowed models: gpt-4o-mini
//   - Rate limit: 500 req/min

// In your application, use the project-scoped key
const client = new ConsoleClient({
  apiKey: "cp_support_xxx",  // Scoped to "Customer Support"
  baseURL: "https://your-console.example.com",
});

2. Agent SDK Guardrails

Apply input and output guardrails in Agent SDK to control what agents can say and do before and after a response is generated.

import { createSmartAgent } from "@cognipeer/agent-sdk";

const governedAgent = createSmartAgent({
  name: "GovernedAssistant",
  model,
  tools: [/* ... */],
  guardrails: {
    input: [
      // Block prompt injection attempts
      { type: "injection_detection", config: { sensitivity: "high" } },
      // Filter inappropriate content
      { type: "content_filter", config: { categories: ["hate", "violence"] } },
    ],
    output: [
      // Mask personal information
      { type: "pii_filter", config: { mask: true, types: ["email", "phone", "ssn"] } },
      // Enforce response length
      { type: "length_limit", config: { maxTokens: 2000 } },
    ],
  },
  // Require human approval for sensitive actions
  humanInTheLoop: {
    requireApproval: ["send_email", "delete_record", "update_account"],
  },
  tracing: { enabled: true },
});

3. Console Guardrail Evaluation

Use Console guardrails when you want tenant-managed policies that can also be evaluated outside the agent runtime, for example at API boundaries or batch moderation steps.

import { ConsoleClient } from '@cognipeer/console-sdk';

const client = new ConsoleClient({
  apiKey: process.env.COGNIPEER_API_KEY!,
  baseURL: 'https://console.example.com',
});

const moderation = await client.guardrails.evaluate({
  guardrail_key: 'support-output-policy',
  text: 'Please share the customer password reset token here.',
  target: 'output',
});

if (!moderation.passed) {
  console.log(moderation.action, moderation.findings);
}

4. Observability & Tracing

Console traces every request through the system — from API call to provider response. Use the tracing API to ingest agent-level traces too.

// Console SDK tracing integration
await client.tracing.ingest({
  sessionId: 'sess_governance_1',
  threadId: 'thread_customer-support',
  source: 'custom',
  status: 'success',
  startedAt: new Date(Date.now() - 800).toISOString(),
  endedAt: new Date().toISOString(),
  durationMs: 800,
  agent: {
    name: 'governed-assistant',
    version: '1.0.0',
    model: 'gpt-4o-mini',
  },
  summary: {
    totalInputTokens: 450,
    totalOutputTokens: 180,
    totalCachedInputTokens: 0,
    totalBytesIn: 9000,
    totalBytesOut: 4200,
    eventCounts: { ai_call: 1, tool_call: 1 },
  },
  events: traceEvents,
  errors: [],
});

// View in Console dashboard:
// - Session timeline with all events
// - Token usage and cost per session
// - Tool call success/failure rates
// - Guardrail trigger frequency

Result

You now have enterprise AI governance that:

- Isolates projects with scoped API keys and quotas - Applies runtime guardrails inside Agent SDK - Evaluates centrally managed guardrails through Console APIs - Requires human approval for sensitive operations - Traces every request, tool call, and decision - Dashboards usage, cost, and compliance metrics

All Use Cases