Goal

Week 4 Day 4 focused on implementing the real backend agent runner for ClaimFlow AI.

The goal was to move from isolated tool tests to a real workflow where an agent can inspect an existing ExtractionRun, choose the next safe workflow action, pass through guardrails, execute a tool, and persist audit logs.

What Was Implemented

1. Guardrail Rules

Implemented guardrail rules to prevent unsafe or incorrect agent behaviour.

Guardrails now block actions such as:

• Final claim approval/rejection
• Unsafe tool names like send_email, approve_claim, reject_claim, delete_claim
• Decision drafting when policy evidence is insufficient
• Mutating review state when review is already final

Final review statuses are treated as terminal:

APPROVED
EDITED_AND_APPROVED
REJECTED

If one of these exists, the agent should not create follow-ups, escalate, or mutate the review workflow.

2. evaluateAgentAction

Added the guardrail evaluation layer.

Flow:

Proposed agent action
→ permission matrix check
→ guardrail rule evaluation
→ ALLOWED or BLOCKED