NPU AI Guardrails
Policy enforcement for developer AI tools and agentic delivery workflows.
NPU AI Guardrails help organisations adopt AI-assisted development safely by enforcing company policy, client-data controls, POPIA-aligned privacy requirements, and secure software delivery standards directly inside the developer workflow.
This is not another AI policy document.
NPU Labs helps organisations turn AI policy into enforceable controls across IDEs, coding assistants, agent SDKs, repositories, pull requests, CI/CD pipelines, MCP servers, and enterprise AI platforms.
What NPU Labs provides
Guardrails for developer AI tools, internal agents, and agentic ways of working.
The guardrails help control how AI is used across software delivery, architecture, documentation, automation, and enterprise development workflows. NPU AI Guardrails can enforce:
- Approved AI tool usage
- Approved model and provider routing
- Client-data detection and redaction
- Prompt and context inspection
- Source code and secrets protection
- Tool-call approval
- MCP server access control
- Repository and pull request checks
- CI/CD policy gates
- Audit logging and evidence capture
- Human approval for sensitive actions
POPIA-aligned AI usage
Designed for POPIA-aligned AI usage.
For South African organisations, client information must be handled carefully when AI tools are used. NPU AI Guardrails are designed to support POPIA-aligned operating controls, including:
- Data minimisation
- Purpose-based processing
- Client-data classification
- Prevention of unnecessary personal information exposure
- Redaction and tokenisation before AI processing
- Approved provider and model usage
- Cross-border data handling controls
- Audit evidence for internal governance
- Role-based access to sensitive workflows
- Controls for financial, identity, biometric, policy, claims, and regulated data
The goal is simple: developers and agents should not be able to casually send sensitive client or company information to unapproved AI services.
Guardrails where the work happens
Practical enforcement points, not theoretical governance.
The guardrails can be applied across the tools, systems, and pipelines your teams already use.
Area and enforcement example:
- IDE and coding assistants: detect sensitive data before it is sent to an AI tool
- Agent SDK hooks: inspect prompts, tool calls, file reads, file writes, and approvals
- Git repositories: block secrets, unsafe generated code, and policy violations before merge
- Pull requests: run AI usage, code quality, security, and data-risk checks
- GitHub Actions and CI/CD: enforce policy gates before deployment
- MCP servers: control what agents can access and when
- Enterprise model gateways: route requests only to approved models and providers
- Audit systems: capture evidence of AI usage, approvals, and policy decisions
Developer AI tools and agent SDK integrations
Implemented across the tools developers and agents already use.
NPU AI Guardrails can be implemented across typical integration points, including IDEs and coding assistants, agent SDK hooks, MCP servers, Git repositories, pull requests, CI/CD pipelines, and enterprise or self-hosted AI platforms.
The implementation is designed around policy-as-code, event-driven enforcement, and auditable controls.
How it works
Every AI action passes through the policy engine before it lands.
Requests from developers and agents are intercepted at the point of use, evaluated against policy, and either allowed, redacted, or held for approval, with every decision written to an audit trail.
Flow: entry points → interception → policy engine → decision
Repository & delivery
1. Git repository
2. Pre-commit checks
3. Pull request checks
4. CI/CD policy gates
Agent system access
1. MCP servers
2. Business-system access controls
Every path (policy decisions, CI gates, and system access) feeds the audit and evidence store, ready for security, compliance, and architecture review.
Control layers
Five layers of enforcement, from prompt to pull request.
Prompt and context controls
NPU AI Guardrails inspect the information being sent to AI tools. This can include detection of:
- Client names
- ID numbers
- Policy numbers
- Account numbers
- Financial information
- Medical or claims information
- Biometric references
- Confidential documents
- Internal source code
- Credentials and secrets
- Production data
Where needed, the guardrails can block the request, warn the user, redact the data, tokenise the data, or require approval.
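As an added example (not NPU Labs code), the following Python shows what the prompt and context layer does mechanically: run a set of detectors over the text an assistant is about to receive, drop overlapping matches, and then block, redact or tokenise depending on the category found. The regex patterns, the category names and the block/tokenise policy are illustrative assumptions; the sample prompt and ID number are constructed (the ID is synthetic but passes the Luhn check digit that South African ID numbers carry). Tokenisation uses keyed HMAC so the same value always yields the same placeholder, and the vault kept on the trusted side allows the response to be re-identified.

```python
"""Prompt and context inspection: detect sensitive values, then block, redact or tokenise.

Added example, not NPU Labs code. The detector patterns, category names and the
block/tokenise policy below are illustrative assumptions; tune them to your own data.
"""
from __future__ import annotations

import hashlib
import hmac
import re
from dataclasses import dataclass

# One regex per data category (illustrative). SA ID numbers are 13 digits whose
# last digit is a Luhn check digit, so a 13-digit run only counts as an ID if Luhn passes.
DETECTORS = {
    "SA_ID": re.compile(r"\b\d{13}\b"),
    "ACCOUNT": re.compile(r"\b\d{10}\b"),
    "POLICY_NO": re.compile(r"\bPOL-\d{6,10}\b"),
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "AWS_KEY": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}
BLOCK_CATEGORIES = {"AWS_KEY"}                           # credentials: never send, even redacted
TOKENISE_CATEGORIES = {"SA_ID", "ACCOUNT", "POLICY_NO"}  # reversible placeholder kept in a vault
# every other detected category (EMAIL here) is replaced by a fixed marker


@dataclass
class Finding:
    category: str
    start: int
    end: int
    value: str


def luhn_ok(digits: str) -> bool:
    """Luhn checksum over a digit string (the SA ID check digit)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def detect(text: str) -> list[Finding]:
    """Run every detector; where matches overlap keep the earliest (longest) one."""
    found: list[Finding] = []
    for cat, rx in DETECTORS.items():
        for m in rx.finditer(text):
            if cat == "SA_ID" and not luhn_ok(m.group()):
                continue
            found.append(Finding(cat, m.start(), m.end(), m.group()))
    found.sort(key=lambda f: (f.start, -f.end))
    kept, last_end = [], -1
    for f in found:
        if f.start >= last_end:
            kept.append(f)
            last_end = f.end
    return kept


class Tokeniser:
    """Keyed, deterministic placeholders: the same value always maps to the same token,
    so the assistant can still reason about 'the same client' across turns, while the
    vault (kept inside the trust boundary) lets the response be re-identified."""

    def __init__(self, key: bytes):
        self.key = key
        self.vault: dict[str, str] = {}

    def token(self, f: Finding) -> str:
        digest = hmac.new(self.key, f.value.encode(), hashlib.sha256).hexdigest()[:8]
        tok = f"<<{f.category}:{digest}>>"
        self.vault[tok] = f.value
        return tok


def inspect_prompt(text: str, tokeniser: Tokeniser) -> tuple[str, str, list[str]]:
    """Return (decision, outbound_text, categories); decision is allow, redact or block."""
    findings = detect(text)
    cats = sorted({f.category for f in findings})
    if not findings:
        return "allow", text, cats
    if any(f.category in BLOCK_CATEGORIES for f in findings):
        return "block", "", cats           # nothing leaves; the caller warns the user
    out, pos = [], 0
    for f in findings:
        out.append(text[pos:f.start])
        out.append(tokeniser.token(f) if f.category in TOKENISE_CATEGORIES else f"[REDACTED {f.category}]")
        pos = f.end
    out.append(text[pos:])
    return "redact", "".join(out), cats


# Constructed sample prompt; the ID number is synthetic but Luhn-valid.
SAMPLE_PROMPT = (
    "Write a script to email thandi.m@example.co.za about policy POL-00012345 "
    "for client ID 9001015009086, account 1234567890."
)

if __name__ == "__main__":
    decision, outbound, cats = inspect_prompt(SAMPLE_PROMPT, Tokeniser(b"rotate-me"))
    print(decision, cats)
    print(outbound)
```

The tokeniser key must be managed like any other secret: with it, the placeholders are deterministic and re-identifiable; without it, the outbound text carries no client identifiers.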
Model and provider controls
Not all AI models and providers should be treated the same. NPU AI Guardrails can enforce approved routing rules, such as:
- Block public or personal AI tools for client information
- Allow only enterprise-approved AI services
- Route sensitive workloads to private or self-hosted models
- Route low-risk tasks to approved external models
- Enforce model selection by data classification
- Log the model, provider, purpose, and policy decision
This allows organisations to use AI without losing control over where data goes.
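The routing rules above reduce to a small policy-as-code table keyed by data classification. The Python below is an added example, not NPU Labs code: the classification labels, provider names, models and regions are illustrative assumptions standing in for an organisation's own inventory. A request is routed on its most sensitive label, unknown labels fail closed as restricted, an unapproved provider is rerouted to the first approved one rather than silently allowed, and the decision is shaped into the log fields the page names (model, provider, purpose, policy decision).

```python
"""Model and provider routing by data classification.

Added example, not NPU Labs code. Provider names, classification labels and the
routing table are illustrative assumptions standing in for an organisation's own policy.
"""
from __future__ import annotations

from dataclasses import dataclass

# Least to most sensitive; a request is routed on its most sensitive label.
CLASS_RANK = ["public", "internal", "confidential", "client-pii", "restricted"]

# Policy-as-code: providers permitted per classification, in preference order.
ROUTING_POLICY: dict[str, tuple[str, ...]] = {
    "public": ("external-approved", "private-hosted"),
    "internal": ("external-approved", "private-hosted"),
    "confidential": ("private-hosted",),
    "client-pii": ("private-hosted",),
    "restricted": (),                      # must not be sent to any model
}

# Approved provider inventory; anything not listed here is an unapproved tool.
PROVIDERS = {
    "external-approved": {"model": "enterprise-gpt", "region": "eu-west"},
    "private-hosted": {"model": "internal-llm", "region": "za"},
}


@dataclass
class Request:
    actor: str                       # developer or agent identity
    purpose: str                     # recorded for purpose-based processing
    classifications: set[str]        # labels attached by the context inspector
    requested_provider: str | None = None


@dataclass
class Decision:
    outcome: str                     # allow | reroute | block
    provider: str | None
    model: str | None
    classification: str
    reason: str


def highest(classes: set[str]) -> str:
    """Most sensitive classification present; unknown labels fail closed as restricted."""
    if not classes:
        return "public"
    if not classes <= set(CLASS_RANK):
        return "restricted"
    return max(classes, key=CLASS_RANK.index)


def route(req: Request) -> Decision:
    cls = highest(req.classifications)
    allowed = ROUTING_POLICY[cls]
    if not allowed:
        return Decision("block", None, None, cls, f"{cls} data may not be sent to any model")
    if req.requested_provider is None:
        chosen = allowed[0]
        return Decision("allow", chosen, PROVIDERS[chosen]["model"], cls, "default route for classification")
    if req.requested_provider in allowed:
        chosen = req.requested_provider
        return Decision("allow", chosen, PROVIDERS[chosen]["model"], cls, "requested provider approved for classification")
    chosen = allowed[0]   # the original destination is refused; the task continues on an approved one
    return Decision("reroute", chosen, PROVIDERS[chosen]["model"], cls,
                    f"{req.requested_provider} not approved for {cls}; rerouted")


def audit_record(req: Request, dec: Decision) -> dict:
    """The fields the page lists for logging: model, provider, purpose and policy decision."""
    return {
        "actor": req.actor,
        "purpose": req.purpose,
        "classification": dec.classification,
        "requested_provider": req.requested_provider,
        "provider": dec.provider,
        "model": dec.model,
        "decision": dec.outcome,
        "reason": dec.reason,
    }


if __name__ == "__main__":
    r = Request("agent:billing", "draft support reply", {"internal", "client-pii"}, "external-approved")
    print(audit_record(r, route(r)))
```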
Agent tool controls
AI agents can call tools, read files, modify code, query systems, and trigger workflows. NPU AI Guardrails help control:
- Which tools an agent may use
- Which files an agent may read or write
- Which MCP servers an agent may access
- Which APIs an agent may call
- Which environments an agent may touch
- When human approval is required
- When execution must be blocked
This is critical for agentic software delivery, where AI is not only generating text but taking actions.
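The list above is, in practice, a gate that every tool call passes through before execution. The Python below is an added example, not NPU Labs code; the role names, tool names, workspace path and environments are illustrative assumptions. It covers the cases a practitioner worries about most: a tool that is not on the role's allow-list, a file path that escapes the workspace through `..` or an absolute path (checked after normalisation, not by string prefix), a protected path such as `.env`, an environment the role may not touch, and a sensitive action that is held until a named human approves it.

```python
"""Tool-call gate for agents: allow-list tools per role, scope file access to a
workspace, fence off environments, and hold sensitive actions for human approval.

Added example, not NPU Labs code. Role names, tool names, paths and environments
are illustrative assumptions.
"""
from __future__ import annotations

import os
from dataclasses import dataclass, field
from pathlib import PurePosixPath


@dataclass
class ToolCall:
    agent_role: str
    tool: str
    args: dict = field(default_factory=dict)
    environment: str = "dev"
    approved_by: str | None = None      # set once a human has signed off on this call


# Policy-as-code per agent role (illustrative).
ROLE_POLICY = {
    "code-assistant": {
        "tools": {"read_file", "write_file", "run_tests", "mcp:jira"},
        "needs_approval": {"write_file"},
        "environments": {"dev"},
        "workspace": "/work/repo",
        "deny_parts": {".env", ".git", "secrets"},   # protected path components
    },
    "release-agent": {
        "tools": {"read_file", "run_tests", "deploy"},
        "needs_approval": {"deploy"},
        "environments": {"dev", "staging", "prod"},
        "workspace": "/work/repo",
        "deny_parts": {".env", ".git", "secrets"},
    },
}


def path_in_workspace(path: str, workspace: str) -> bool:
    """Normalise '..' segments (and any existing symlinks) before the containment check;
    a plain prefix test on the raw string is exactly what path traversal bypasses."""
    root = os.path.realpath(workspace)
    target = os.path.realpath(os.path.join(root, path))   # an absolute path discards root
    return os.path.commonpath([root, target]) == root


def gate(call: ToolCall) -> tuple[str, str]:
    """Return (verdict, reason) where verdict is allow, hold or block."""
    policy = ROLE_POLICY.get(call.agent_role)
    if policy is None:
        return "block", f"unknown agent role {call.agent_role}"
    if call.tool not in policy["tools"]:
        return "block", f"{call.tool} is not on the allow-list for {call.agent_role}"
    if call.environment not in policy["environments"]:
        return "block", f"{call.agent_role} may not act on {call.environment}"
    path = call.args.get("path")
    if path is not None:
        if not path_in_workspace(path, policy["workspace"]):
            return "block", f"{path} resolves outside the workspace"
        if set(PurePosixPath(path).parts) & policy["deny_parts"]:
            return "block", f"{path} is a protected path"
    if call.tool in policy["needs_approval"] and not call.approved_by:
        return "hold", f"{call.tool} requires human approval"
    return "allow", "within policy"


if __name__ == "__main__":
    for c in (ToolCall("code-assistant", "read_file", {"path": "../../etc/passwd"}),
              ToolCall("code-assistant", "write_file", {"path": "src/app.py"}),
              ToolCall("release-agent", "deploy", environment="prod", approved_by="cab@example.test")):
        print(c.tool, gate(c))
```

A `hold` verdict is the point where the SDK hook pauses the agent and raises an approval request; the same call is re-submitted with `approved_by` set once a person has signed off, and both events belong in the audit trail.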
Repository and pull request controls
AI-generated code must still meet engineering standards. NPU AI Guardrails can add checks for:
- Secrets committed to source control
- Unsafe generated code
- Missing tests
- Weak error handling
- Unapproved dependencies
- Licence and package risk
- Insecure configuration
- Policy violations
- AI-generated changes that require human review
These checks can run during pre-commit, pull request review, and CI/CD.
Audit and evidence
Organisations need evidence that AI is being used responsibly. NPU AI Guardrails can capture:
- Which AI tool was used
- Which model or provider was used
- What policy applied
- Whether data was redacted
- Whether a request was blocked or approved
- Which tools an agent called
- Which files or systems were accessed
- Who approved a sensitive action
- Which pull request or deployment was affected
This creates a practical audit trail for security, compliance, architecture, and governance teams.
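Evidence is only useful to governance teams if it can be shown not to have been altered after the fact. The Python below is an added example, not NPU Labs code: each record carries the SHA-256 of the previous record, so editing or deleting any entry breaks verification from that point on. The field names in the sample records are assumptions drawn from the evidence list above, and the records themselves are constructed.

```python
"""Tamper-evident audit trail for guardrail decisions.

Added example, not NPU Labs code. Each record stores the SHA-256 of the previous
record, so an edited or deleted entry breaks verification. Field names in the
sample records are assumptions drawn from the evidence list on the page.
"""
from __future__ import annotations

import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64


def _digest(entry: dict) -> str:
    """Canonical JSON of everything except the record's own hash."""
    body = {k: v for k, v in entry.items() if k != "record_hash"}
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"), ensure_ascii=True)
    return hashlib.sha256(canon.encode()).hexdigest()


class AuditTrail:
    def __init__(self) -> None:
        self.records: list[dict] = []

    def record(self, **fields) -> dict:
        """Append one evidence record chained to its predecessor."""
        prev = self.records[-1]["record_hash"] if self.records else GENESIS
        entry = {
            "seq": len(self.records),
            "ts": datetime.now(timezone.utc).isoformat(),
            **fields,
            "prev_hash": prev,
        }
        entry["record_hash"] = _digest(entry)
        self.records.append(entry)
        return entry

    def verify(self) -> tuple[bool, int | None]:
        """(True, None) if intact, else (False, index of the first record that fails)."""
        prev = GENESIS
        for i, e in enumerate(self.records):
            if e.get("seq") != i or e.get("prev_hash") != prev or e.get("record_hash") != _digest(e):
                return False, i
            prev = e["record_hash"]
        return True, None

    def to_jsonl(self) -> str:
        return "\n".join(json.dumps(r, sort_keys=True) for r in self.records)

    @classmethod
    def from_jsonl(cls, text: str) -> "AuditTrail":
        trail = cls()
        trail.records = [json.loads(line) for line in text.splitlines() if line.strip()]
        return trail


def sample_trail() -> AuditTrail:
    """Three constructed decisions of the kinds the page describes."""
    t = AuditTrail()
    t.record(actor="dev:anna", tool="ide-assistant", model="enterprise-gpt", provider="external-approved",
             policy="prompt-inspection", redacted=True, outcome="redact", categories=["SA_ID", "EMAIL"])
    t.record(actor="agent:release", tool="deploy", environment="prod", policy="tool-gate",
             outcome="hold", approved_by=None)
    t.record(actor="agent:release", tool="deploy", environment="prod", policy="tool-gate",
             outcome="allow", approved_by="cab@example.test", pull_request="change-0042")
    return t


if __name__ == "__main__":
    trail = sample_trail()
    print(trail.verify())
    print(trail.to_jsonl())
```

A hash chain detects tampering but does not prevent it, so the JSONL export should land in write-once storage (or be periodically signed or anchored externally) and the verifier should be run by the reviewing team, not by the system that writes the log.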
Example use cases
What the guardrails do in practice.
Preventing client data exposure
A developer attempts to paste a client record into a coding assistant to generate a support script.
The guardrail detects personal and financial information, blocks the request, and suggests a redacted version using placeholders.
Controlling AI-generated code in pull requests
A pull request contains AI-generated code that adds a new dependency and modifies authentication logic.
The guardrail flags the change for additional review, checks the dependency risk, and requires security approval before merge.
Enforcing approved model usage
An internal agent attempts to send sensitive business context to an unapproved external model.
The guardrail blocks the request and routes the task to an approved enterprise model or private model endpoint.
Securing MCP access
An agent tries to query a business system through an MCP server.
The guardrail checks the agent role, task purpose, data classification, and approval status before allowing access.
Where this fits in NPU Labs
Guardrails sit across three NPU Labs offerings.
Policy and AI Strategy
NPU Labs helps define the organisation's AI usage policy, AI governance model, risk controls, and operating standards.
Services
NPU Labs implements the technical enforcement layer across developer tools, repositories, AI agents, MCP servers, and cloud or self-hosted AI platforms.
Agentic Way of Working
NPU Labs helps teams adopt an agentic way of working where AI assists with delivery, but remains controlled, auditable, and aligned to company standards.
Outcomes
What organisations get from NPU AI Guardrails.
- Use AI developer tools safely
- Reduce accidental client-data exposure
- Enforce AI policy at the point of use
- Support POPIA-aligned AI operations
- Improve visibility of AI-assisted work
- Control agent access to tools and systems
- Protect source code, secrets, and internal information
- Create audit evidence for governance teams
- Adopt agentic delivery without losing control
Recommended implementation approach
From AI usage today to enforceable controls in production.
1. AI usage and risk assessment
Review how teams currently use AI tools, coding assistants, chat interfaces, agent frameworks, repositories, and automation platforms.
2. Policy-to-control mapping
Translate AI usage policy, POPIA requirements, security standards, and engineering rules into enforceable technical controls.
3. Guardrail integration
Implement guardrails across IDEs, AI assistants, agent SDK hooks, MCP servers, Git repositories, pull requests, and CI/CD pipelines.
4. Monitoring and audit evidence
Capture logs, policy decisions, approvals, model usage, tool calls, and evidence required by security, legal, compliance, and architecture teams.
5. Continuous improvement
Tune the guardrails as teams adopt new AI tools, new agent workflows, and new delivery patterns.
Build AI adoption on enforceable controls
NPU AI Guardrails turn AI policy into enforceable controls for developer tools and agentic delivery workflows.
They help organisations use AI safely without blocking engineering productivity. NPU Labs designs and implements the guardrails needed to use AI developer tools, coding assistants, agents, and MCP-enabled workflows safely across enterprise software delivery.
Speak to NPU Labs about implementing AI guardrails for your developer teams and agentic way of working.