Reference.

What AgentLoop enforces on your data today.

Guardrails

Tenant isolation
Every record carries an org_id. All queries filter by the caller's org_id at the database level — cross-tenant reads are structurally impossible, not policy-enforced.
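The difference between "structural" and "policy-enforced" isolation is where the org_id filter comes from. The following is an added illustration, not AgentLoop's code: it stands in an in-memory list for the collection and assumes the caller's org_id is resolved from the API key before any query runs. The point it shows is that the only read path injects org_id from the authenticated context, so a caller cannot widen the filter or point it at another tenant.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Caller:
    """Identity resolved from the API key before any query runs (assumed shape)."""
    org_id: str
    api_key_id: str


# Constructed sample records standing in for the memories collection.
MEMORIES: List[Dict[str, str]] = [
    {"id": "m1", "org_id": "org_a", "correction": "Refunds over 500 need a manager"},
    {"id": "m2", "org_id": "org_b", "correction": "Never quote internal SKUs"},
    {"id": "m3", "org_id": "org_a", "correction": "Greet returning customers by name"},
]


class ScopedStore:
    """The only read path. There is deliberately no unscoped find()."""

    def __init__(self, records: List[Dict[str, str]]):
        self._records = records

    def find(self, caller: Caller,
             query: Optional[Dict[str, str]] = None) -> List[Dict[str, str]]:
        query = dict(query or {})
        # A caller-supplied org_id is either redundant or an attempt to read
        # another tenant; fail closed instead of silently rewriting it.
        if "org_id" in query and query["org_id"] != caller.org_id:
            raise PermissionError("org_id in query does not match the caller")
        query["org_id"] = caller.org_id  # injected from auth context on every query
        return [r for r in self._records
                if all(r.get(k) == v for k, v in query.items())]


def ids_visible_to(store: ScopedStore, caller: Caller,
                   query: Optional[Dict[str, str]] = None) -> List[str]:
    """Convenience wrapper used below to show what each tenant can see."""
    return [r["id"] for r in store.find(caller, query)]


if __name__ == "__main__":
    store = ScopedStore(MEMORIES)
    print(ids_visible_to(store, Caller("org_a", "key_1")))            # m1, m3
    print(ids_visible_to(store, Caller("org_a", "key_1"), {"id": "m2"}))  # [] : m2 exists but is org_b's
```

The guarantee only holds while every query path goes through a layer like this; a second, unscoped accessor added for an admin tool or a migration script turns structural isolation back into a policy that someone has to remember.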
Active
Audit log
Every create, search, promote, edit, and delete writes an entry to the audit_log collection with timestamp, actor, and operation details. Audit logs outlive the org — they're the paper trail.
Active
Content validation
Annotations missing required fields (question, agent_response, correction) return 422. Correction text is trimmed and length-checked before storage.
Active
Duplicate detection
When a new correction's embedding matches an existing memory above the duplicate-similarity threshold (configurable per-org, default 0.95), the existing memory is updated instead of creating a second one.
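An added example of the update-or-create decision, not AgentLoop's implementation. It assumes the similarity measure is cosine similarity over the stored embedding (the page does not name the metric), that the candidate set is restricted to the caller's own org, and that the per-org threshold is looked up by the caller and passed in; embeddings and memories are constructed sample data.

```python
import math
from typing import Dict, List, Sequence, Tuple

DEFAULT_DUPLICATE_THRESHOLD = 0.95  # page default; per-org override passed in by the caller


def cosine_similarity(a: Sequence[float], b: Sequence[float]) -> float:
    dot = sum(x * y for x, y in zip(a, b))
    norm_a = math.sqrt(sum(x * x for x in a))
    norm_b = math.sqrt(sum(x * x for x in b))
    if norm_a == 0.0 or norm_b == 0.0:
        return 0.0  # a zero vector is similar to nothing; never treat it as a duplicate
    return dot / (norm_a * norm_b)


def upsert_memory(memories: List[Dict], org_id: str, correction: str,
                  embedding: Sequence[float],
                  threshold: float = DEFAULT_DUPLICATE_THRESHOLD) -> Tuple[str, int]:
    """Update the closest same-org memory if it is above the threshold, else create one.
    Returns ("updated" | "created", index into memories)."""
    best_index, best_sim = -1, -1.0
    for i, memory in enumerate(memories):
        if memory["org_id"] != org_id:
            continue  # a near-duplicate from another tenant must never be merged into
        sim = cosine_similarity(memory["embedding"], embedding)
        if sim > best_sim:
            best_index, best_sim = i, sim
    if best_index >= 0 and best_sim > threshold:  # strictly "above", as the page words it
        memories[best_index]["correction"] = correction
        memories[best_index]["embedding"] = list(embedding)
        return "updated", best_index
    memories.append({"org_id": org_id, "correction": correction, "embedding": list(embedding)})
    return "created", len(memories) - 1


if __name__ == "__main__":
    # Constructed 3-d embeddings; real ones are hundreds of dimensions.
    mems = [{"org_id": "org_a", "correction": "Say 'refund' not 'chargeback'",
             "embedding": [1.0, 0.0, 0.0]}]
    print(upsert_memory(mems, "org_a", "Say 'refund', never 'chargeback'", [0.99, 0.1, 0.0]))
    print(upsert_memory(mems, "org_a", "Unrelated correction", [0.7, 0.7, 0.0]))
```

The org filter matters as much as the threshold: without it, a tenant could overwrite another tenant's memory by submitting a correction whose embedding lands close enough to it.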
Active
Review queue TTL
Pending review turns expire after 30 days. Keeps the queue bounded even if reviewers fall behind. Configurable via TURN_TTL_DAYS env var.
Active
Rate limiting
Per-API-key token bucket: 120 requests/minute on /v1/memories/search and /v1/turns, 30 requests/minute on /v1/annotations. Returns 429 with Retry-After: 60 when exceeded. Configurable via env vars.
Active
PII detection
Client-side masking of CPF, CNPJ, email, phone, and card numbers before the text is sent to AgentLoop. Implemented in the SDK helpers, and only there: the API does not scan payloads for PII, so it is the caller's responsibility to run the helpers on every field that may contain personal data.
SDK-only
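What a masking helper of this kind has to get right, as an added example that is not the SDK's code: the patterns are regexes with Brazilian CPF and CNPJ check-digit validation and a Luhn check for cards, so a random 11-digit order number is not masked while a real CPF is; the placeholder names, the phone format (Brazilian mobile numbers with optional +55) and the sample text are all assumptions made for this illustration.

```python
import re

CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")          # 13-19 digits, spaces/hyphens
CNPJ_RE = re.compile(r"(?<!\d)\d{2}\.?\d{3}\.?\d{3}/?\d{4}-?\d{2}(?!\d)")
CPF_RE = re.compile(r"(?<!\d)\d{3}\.?\d{3}\.?\d{3}-?\d{2}(?!\d)")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"(?<!\d)(?:\+55\s?)?(?:\(\d{2}\)|\d{2})\s?9?\d{4}-?\d{4}(?!\d)")


def _digits(s: str):
    return [int(c) for c in s if c.isdigit()]


def _check_digit(digits, weights) -> int:
    # Shared rule for CPF and CNPJ: weighted sum mod 11, remainders 0/1 map to 0.
    remainder = sum(d * w for d, w in zip(digits, weights)) % 11
    return 0 if remainder < 2 else 11 - remainder


def valid_cpf(s: str) -> bool:
    d = _digits(s)
    if len(d) != 11 or len(set(d)) == 1:   # 111.111.111-11 passes the arithmetic but is invalid
        return False
    return (d[9] == _check_digit(d[:9], range(10, 1, -1))
            and d[10] == _check_digit(d[:10], range(11, 1, -1)))


def valid_cnpj(s: str) -> bool:
    d = _digits(s)
    if len(d) != 14 or len(set(d)) == 1:
        return False
    w1 = [5, 4, 3, 2, 9, 8, 7, 6, 5, 4, 3, 2]
    w2 = [6] + w1
    return d[12] == _check_digit(d[:12], w1) and d[13] == _check_digit(d[:13], w2)


def luhn_ok(s: str) -> bool:
    total = 0
    for i, x in enumerate(reversed(_digits(s))):
        if i % 2 == 1:
            x = x * 2 - 9 if x * 2 > 9 else x * 2
        total += x
    return total % 10 == 0


def mask_pii(text: str) -> str:
    # Longest digit runs first, so a card number is not split into a CPF plus a phone.
    text = CARD_RE.sub(lambda m: "[CARD]" if luhn_ok(m.group(0)) else m.group(0), text)
    text = CNPJ_RE.sub(lambda m: "[CNPJ]" if valid_cnpj(m.group(0)) else m.group(0), text)
    text = CPF_RE.sub(lambda m: "[CPF]" if valid_cpf(m.group(0)) else m.group(0), text)
    text = EMAIL_RE.sub("[EMAIL]", text)
    text = PHONE_RE.sub("[PHONE]", text)
    return text


# Constructed sample; the CPF, CNPJ and card are well-known test values, not real people.
SAMPLE_TEXT = ("Cliente João, CPF 529.982.247-25, empresa CNPJ 11.222.333/0001-81, "
               "cartão 4111 1111 1111 1111, fone (11) 91234-5678, "
               "email joao@example.com, pedido 123456.")

if __name__ == "__main__":
    print(mask_pii(SAMPLE_TEXT))
```

Run the masker on every free-text field (question, agent_response, correction), not only on the correction: the audit log and the review queue store the same text, and once it has crossed the API boundary nothing on the server side removes it.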

Platform capabilities

What you get when you use AgentLoop. Implementation details are maintained for you so you don't have to think about them.

Multi-tenant isolation
Every record carries an org_id. Queries filter by org at the database level — cross-tenant access is structurally impossible, not policy-enforced.
Semantic search
Vector-based similarity search across all your corrections. Returns the most relevant facts for any query, not just keyword matches.
Encrypted in transit and at rest
All API traffic is HTTPS. Stored data is encrypted at rest at the platform level.
Per-API-key rate limiting
120 req/min on /v1/memories/search and /v1/turns, 30 req/min on /v1/annotations. Returns a standard 429 with Retry-After when exceeded.
Audit log
Every create, search, promote, edit, and delete is logged with timestamp, actor, and operation details. Audit logs outlive the org.
Review queue TTL
Pending review turns auto-expire after 30 days. Keeps the queue bounded even if reviewers fall behind.
Provider-agnostic LLM integration
Drop-in wrappers for OpenAI and Anthropic. Other providers via the REST API.
Cross-language SDK parity
Identical behavior in JavaScript and Python. HMAC signatures produced by one SDK verify in the other, so feedback URLs are language-agnostic.
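Cross-language parity for an HMAC-signed URL depends on both sides hashing exactly the same bytes. The following is an added example, not the SDK's signing code: it assumes HMAC-SHA256 over the sorted, percent-encoded query string with an expiry parameter, a shared secret held by the org, and the parameter names turn_id, org_id, exp and sig; the page documents none of these details.

```python
import hashlib
import hmac
import time
from typing import Dict, Optional
from urllib.parse import parse_qsl, urlencode, urlsplit

DEFAULT_TTL_SECONDS = 7 * 24 * 3600  # assumed link lifetime


def canonical_query(params: Dict[str, str]) -> str:
    # Sort by key and encode with one rule; the other SDK must reproduce this
    # byte for byte (key order, '+' vs '%20' for spaces, which characters are left bare).
    return urlencode(sorted((k, str(v)) for k, v in params.items() if k != "sig"))


def sign_feedback_url(base_url: str, params: Dict[str, str], secret: bytes,
                      now: Optional[float] = None, ttl: int = DEFAULT_TTL_SECONDS) -> str:
    params = dict(params)
    params["exp"] = str(int((now if now is not None else time.time()) + ttl))
    query = canonical_query(params)
    sig = hmac.new(secret, query.encode("utf-8"), hashlib.sha256).hexdigest()
    return f"{base_url}?{query}&sig={sig}"


def verify_feedback_url(url: str, secret: bytes, now: Optional[float] = None) -> bool:
    params = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
    presented = params.get("sig", "")
    expected = hmac.new(secret, canonical_query(params).encode("utf-8"),
                        hashlib.sha256).hexdigest()
    # compare_digest, not ==, so timing does not reveal how many leading bytes matched.
    if not hmac.compare_digest(presented, expected):
        return False
    try:
        exp = int(params["exp"])
    except (KeyError, ValueError):
        return False
    return exp > (now if now is not None else time.time())


if __name__ == "__main__":
    secret = b"constructed-secret-for-illustration"
    url = sign_feedback_url("https://example.invalid/feedback",
                            {"turn_id": "t_42", "org_id": "org_a"}, secret, now=1_700_000_000)
    print(url)
    print(verify_feedback_url(url, secret, now=1_700_000_100))
```

The Node equivalent of the signing line is `crypto.createHmac('sha256', secret).update(query).digest('hex')`; what actually breaks parity in practice is the query encoding, since Python's urlencode and JavaScript's encodeURIComponent disagree on spaces and on characters such as `!` and `*`, so the encoding rule has to be pinned in both SDKs, not left to each runtime's default.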