The Problem Statement
I wanted my agent to help me manage my emails, but I do not want it to be proactive and send emails in my name (which it did during my initial research phase).
AI tried to spam potential customers - not what I wanted!!!
Unfortunately, the default Gmail API scopes are not very granular: the modification access that lets the agent organize mail also allows it to send emails.
The Implementation
GPT5.5 suggested building a custom MCP extension to add extra guardrails. While I like the idea of strictly enforcing allowed actions, I’m not a big fan of MCP - it increases complexity and typically is not needed to achieve the business goal.
Instead of MCP, I suggest using a CLI (Command-Line Interface) to extend agents' capabilities while keeping them in check.
Benefits of CLI:
- easy to secure
- easy to test in an automated way
- easy to understand by the agent (self-documenting)
- easy integration with existing tools and processes
AI agents work great with CLI tools, so I instructed GPT5.5 to design and implement one for my needs.
Next, I tested various scenarios, including several edge cases, to validate that restrictions are in place - I trust GPT5.5, but I trust the local verification script even more ;)
Finally, I created a Skill describing how my agent should use that CLI tool.
Hints:
- The Skill must describe the business intent and provide an overall idea of how to use the corresponding tools.
- Tools should have comprehensive help and informative error messages so agents can use them effectively.
- Do not trust the agent to obey the rules described in the Skill; enforce them within the Tool so the agent cannot override or ignore them.
- Ensure the Tool is easy for the agent to understand and invoke - human-readability is the second priority.
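To make the third hint concrete, here is an added example (not the author's tool) of a small mail CLI in which the restriction lives in code rather than in the Skill: the tool exposes only list, read and label verbs, "send" simply does not exist, and every refusal returns an informative error the agent can act on. The mailbox is a constructed in-memory stand-in for Gmail API responses, and the label allowlist is an assumption.

```python
import argparse

# Constructed sample mailbox standing in for Gmail API responses (assumption, not real data).
MAILBOX = {
    "m1": {"from": "alice@example.com", "subject": "Invoice #42", "labels": ["INBOX"]},
    "m2": {"from": "bob@example.com", "subject": "Lunch?", "labels": ["INBOX"]},
}
# Every verb the tool knows. "send" is absent on purpose: the guardrail is enforced here, not in the Skill.
ALLOWED = ("list", "read", "label")
# Labels the agent may apply (assumed policy); anything else is refused with an explanatory error.
ALLOWED_LABELS = ("TODO", "ARCHIVE")

def build_parser():
    """Help text doubles as documentation for the agent (hint 2: comprehensive help)."""
    p = argparse.ArgumentParser(prog="mailtool", description="Read and organize mail. Sending is not supported.")
    sub = p.add_subparsers(dest="cmd", required=True)
    sub.add_parser("list", help="list message ids and subjects")
    r = sub.add_parser("read", help="show one message")
    r.add_argument("msg_id")
    lab = sub.add_parser("label", help=f"apply one of {ALLOWED_LABELS} to a message")
    lab.add_argument("msg_id")
    lab.add_argument("label")
    return p

def run(argv, mailbox=MAILBOX):
    """Run one invocation. Returns (exit_code, result) so callers and tests can check the outcome."""
    # Reject unknown verbs before argparse sees them, so "send" gets a clear, actionable refusal.
    if not argv or argv[0] not in ALLOWED:
        return 2, {"error": f"unknown command {argv[:1]}; allowed: {', '.join(ALLOWED)}. This tool cannot send mail."}
    args = build_parser().parse_args(argv)
    if args.cmd == "list":
        return 0, [{"id": k, "subject": v["subject"]} for k, v in mailbox.items()]
    msg = mailbox.get(args.msg_id)
    if msg is None:
        return 2, {"error": f"no message with id {args.msg_id!r}; run 'mailtool list' to see valid ids"}
    if args.cmd == "read":
        return 0, {"id": args.msg_id, **msg}
    # label: the only write operation, and it is constrained to an allowlist.
    if args.label not in ALLOWED_LABELS:
        return 2, {"error": f"label {args.label!r} not permitted; allowed: {', '.join(ALLOWED_LABELS)}"}
    if args.label not in msg["labels"]:
        msg["labels"].append(args.label)
    return 0, {"id": args.msg_id, "labels": list(msg["labels"])}

if __name__ == "__main__":
    import json, sys
    code, result = run(sys.argv[1:])
    print(json.dumps(result, indent=2))
    sys.exit(code)
```

A local verification script can call `run()` with the scenarios you care about (including an attempted send) and assert on the exit code, which is the automated testing benefit of the CLI approach.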
The Bigger Picture
Why should you care about my little setup?
You can apply the same blueprint to securely plug AI agents into any business process inside your organization. AI agents are getting more and more capable, but you cannot trust that they won't go rogue.
There are several reasons they might do so:
- Someone might try to trick your agent into exposing sensitive data and/or invoking unintended functionality.
- The agent might execute unwanted actions, as they do now and then, without any obvious reason.
Comment or reach out to me, and I will share with you the prompt template you can use to instruct AI to generate CLI tools for agents in your organization.
👉 I’m happy to help if you could use my support in building practical AI capabilities in your enterprise.
