KeyRunner
All scenarios use sample data. This is an interactive demo - not connected to a live system.
Interactive Demo

AI Agent Execution Governance
in Action

See how KeyRunner intercepts AI agent tool calls before harm is done, before data leaves, before it's too late.

0
Blocked this session
0
Intercepted this session
0
Tracked this session
Live Governance Events
Agentforce Refund Approval
Approval Gate

AI agent requests a $4,200 refund. Policy requires human approval before dispatch.

Without KeyRunner: Refund processed instantly with no oversight or audit trail.
Run Demo
Runtime Credential Injection
Cred Injection

Agent calls Salesforce with no credentials. KeyRunner injects the API key at dispatch - the agent never sees or stores it.

Without KeyRunner: Agent holds the Salesforce API key directly. Key exposed in agent memory, logs, and prompts.
Run Demo
Sensitive Field Redaction
Data Redacted

HR agent queries an employee profile. Tool returns salary, SSN and bank details - KeyRunner strips them before the agent ever sees the response.

Without KeyRunner: Agent receives full profile including salary, SSN, and bank account. Data leaks into LLM context.
Run Demo
ServiceNow Incident Window
Time Window

Agent attempts to update a P1 incident at 10pm - outside the allowed change window.

Without KeyRunner: Change made at 10pm. Failed deployment, extended outage, no one notified.
Run Demo
Copilot Out-of-Policy Tool Block
Hard Block

Copilot agent calls a tool it was never assigned. Policy enforcement auto-blocks - no human needed.

Without KeyRunner: Any agent can call any tool. No scoping, no enforcement, no record.
Run Demo
GitHub Workflow Tracking
Async Tracked

Agent triggers a prod deployment. Governance layer tracks the full async lifecycle.

Without KeyRunner: Deployment fires and disappears. No visibility. No timeout protection.
Run Demo
Healthcare Agent Identity Failure
Hard Block

An unverified process claims to be the EHR agent. KeyRunner validates identity before any tool call is allowed.

Without KeyRunner: Any process claiming to be the agent gets full tool access. No identity check.
Run Demo
ERP Async Timeout and Auto-Rollback
Async Tracked

ERP agent submits an async budget transfer. Job stalls past the timeout - KeyRunner automatically triggers rollback to keep data consistent.

Without KeyRunner: Async job hangs indefinitely. Partial transfer stuck. No way to detect or recover.
Run Demo
Common question

Why not just use an MCP server or API gateway?

They solve adjacent problems. None of them govern the execution moment.

MCP server
Exposes tools, but governance is DIY

An MCP server routes tool calls. It does not enforce which agent can call which tool, inject credentials, redact responses, or require approval for risky actions. You build all of that yourself.

KeyRunner adds policy, secrets isolation, approvals, redaction, and audit on top of tool exposure.
API gateway
Secures inbound traffic, not agent intent

Gateways govern what comes into your APIs. They have no concept of which AI agent is acting, what policy that agent is under, or whether a credential should be injected vs passed through.

KeyRunner governs outbound agent actions at execution time - the layer gateways never see.
Prompt instructions
Agents can ignore or misunderstand them

Telling an agent "never call delete endpoints" in a system prompt is a suggestion. It has no enforcement power. The agent can misinterpret, hallucinate around it, or simply disregard it under pressure.

KeyRunner enforces controls at execution time - the policy runs whether the agent cooperates or not.
Giving agents tokens
Secrets leak into prompts, logs, and tools

Any token an agent holds can appear in traces, logs, memory, or be extracted by a prompt injection attack. Standing credentials in agent context are the leading cause of AI-related data breaches.

KeyRunner fetches credentials only at the moment of execution. The agent never holds a key.
Ready to govern your AI agents?

Put KeyRunner between
your agents and your systems

Every tool call intercepted. Every policy enforced. Full audit trail - no code changes to your agents.

Book a Demo