A practical internal policy guide for safely deploying AI agents in production. The core rule: bots can access internal data OR communicate externally, never both. Additional guidelines cover bot identity (dedicated email addresses with read-only access), communication channels (only approved platforms), credential management (dedicated accounts in 1Password, never shared API keys), GitHub permissions (bots can open PRs but cannot merge), and offboarding procedures to prevent orphaned agents.

From blog.kilo.ai
Table of contents

- Start with the one rule that changes everything
- The full setup, in practice
- You don't need to have it all figured out before you start