AI Guardrails & Approval Policies
Phase 9 — Security & Access Control · OpenFrame Onboarding
Mingo can do real work on real machines — and that power needs a leash you control. Guardrails are how you decide what the AI may do on its own, what it has to ask a technician about, and what it's flat-out blocked from doing. If you ever wondered where those "Technician approval required" cards in tickets come from (Phase 6), this is the setting behind them.
Before you start
- You need an Admin role.
- Find it under Settings → AI Settings & Guardrails.
Start with a preset
The fastest way to set a sane baseline is to pick a Guardrails Preset. Click Edit Settings and choose one:
- Autonomous — maximum autonomy for trusted environments. Most operations auto-approve, including file management, process control, and system configuration. Only user deletion needs technician approval.
- Permissive — full operational freedom for experienced teams. Unrestricted access to most functions including software management, remote access, and system control. Only destructive operations like device wipes require a tech.
- Balanced — standard MSP operations with safety controls. Monitoring, security updates, file cleanup, and diagnostics are allowed; software installs, configuration changes, and system restarts require approval; device wipes and permission changes stay blocked.
- Restrictive — maximum protection for sensitive environments. Users can monitor, view logs, and send notifications, but file operations, software management, configuration changes, and remote access are blocked.
Pick the one closest to your risk tolerance. Balanced is a sensible default for most MSPs; tighten to Restrictive for sensitive clients.
Tune individual actions
A preset is a starting point, not a straitjacket. Below the presets, guardrails are grouped by policy area — File Operations (downloads, file management, uploads), System Control (power, process management, remote access), and more. Expand any group to see its individual rules.
Each rule has an enforcement level that decides what happens when Mingo wants to do that thing:
- Auto-approve — Mingo just does it.
- Ask User — the client is prompted to approve.
- Ask Technician — a tech has to approve before it runs (this is the approval card you see in the ticket).
- Block — never allowed.
For example, under File Management you'll see Delete files and folders set to Ask Technician, while Move or rename files and Create files or directories sit at Ask User. Deleting is riskier, so it demands a human with more authority. Adjust each rule to match how much you trust the AI with that specific operation.
To build your own from a known baseline, click Use for Custom Policy next to any preset. This loads that preset's rules as a starting point you can edit action by action. Then switch the selector to Custom Policy.
Save and verify
Click Save Settings when you're done. From then on, anything you've set to Ask Technician or Ask User will surface an approval card instead of running silently — exactly the behavior covered in Approval Workflows (Phase 6). Test it by triggering an action you've gated and confirming the approval prompt appears.
Quick checklist
- Opened Settings → AI Settings & Guardrails → Edit Settings
- Picked a preset (Balanced for most; Restrictive for sensitive clients)
- Expanded policy groups and set enforcement levels per action
- Used Use for Custom Policy if you needed a tailored baseline
- Clicked Save Settings and confirmed an approval card appears for a gated action
What's next
You've decided what the AI can do. The last piece is seeing what actually happened: Audit & Activity Logs gives you the record of every action across your tools.
Based on OpenFrame v0.9.19. Presets, policy groups, and enforcement options evolve between releases — what's in your console wins.
