Agent Security
How granular should agent-to-tool permissions be?

Agent-to-tool permissions should be as granular as the risk of the tool requires. A low-risk read-only tool may need broad access for a specific agent role, while tools that write records, send messages, trigger payments, or expose sensitive data should have narrower permissions. Policies should distinguish agents, tools, operations, environments, and data boundaries when possible. Granularity also needs to be maintainable; overly complex policies can become difficult to review. Diagrid's content direction supports least-privilege agent access by combining workload identity, MCP/tool policy, and auditability in the production layer.