Compare
Prompt guardrails guide behavior. Runtime governance controls execution.
AI agent security needs both. Prompt instructions can reduce unsafe intent, but z-gateway evaluates the actual tool call before it reaches GitHub, Postgres, or another connected production system.
Comparison
| Control | Prompt instructions | App-level RBAC | Runtime tool governance |
|---|---|---|---|
| What it controls | Model behavior and responses | Human or app permissions | The actual tool call before execution |
| Audit logs | Usually weak or indirect | Often records user access | Records agent, tool, action, resource, and decision |
| Enforceable allow/deny | Advisory | Coarse-grained | Per-action and resource-aware |
| Works when agent ignores instruction | No | Sometimes | Yes, denied calls stop at the gateway |
| Best use | Guide model behavior | Manage app users and teams | Govern agent tool execution |
Where z-gateway fits
z-gateway is the runtime control point between MCP-connected agents and connected systems such as GitHub and Postgres. It evaluates tool name, action, resource, environment, and agent identity before execution, then logs the decision and groups related actions into runtime sessions for review.