Role policy
Guest capabilities are restricted and unknown tools are never treated as low-risk by default.
Security model
Secure-by-default, operator-controlled.
YonerAI treats risky tool execution as an auditable workflow with explicit decisions, expiration windows, and policy boundaries.
- Profiles
- private / shared
- Risk levels
- LOW / HIGH / CRITICAL
- Approval gate
- Out-of-band owner decision
- Audit trail
- Tool + decision logs
Control set
Approval TTL
Approvals expire quickly. Stale approvals cannot be replayed later.
Token separation
Public web APIs require tokens and secrets are isolated from user-editable settings.