Facio Blog

Practical notes on human-reviewed AI agents.

Payload-powered product notes, security writing, HITL patterns, and operational guidance from the Facio runtime: long sessions, Placet approvals, audit trails, memory, providers, channels, tools, and Docker-first operations.

Showing 26-30 of 81 articles.

Security

Your AI Agent Audit Trail Is Probably a Filing Cabinet: What Compliance Actually Requires

Jun 3, 2026Security

Your AI Agent Audit Trail Is Probably a Filing Cabinet: What Compliance Actually Requires

88% of enterprises had AI agent incidents — but only 21% have runtime visibility and 33% have no audit trail at all. Operational logs are not audit logs. WORM storage, cryptographic chaining, and the five mandatory elements every compliance-grade agent audit trail needs before the EU AI Act deadline.

Human-in-the-loop

HITL Metrics That Actually Matter: How to Measure Whether Your Human Oversight Is Working

Jun 3, 2026Human-in-the-loop

HITL Metrics That Actually Matter: How to Measure Whether Your Human Oversight Is Working

Most teams can't answer a simple question: "Is your HITL system actually working?" They track approval counts and respond times — vanity metrics that say nothing about oversight quality. Here are the 7 metrics that actually measure HITL effectiveness.

Engineering

MCP Spotlight: DecisionNode — Your Team's Architecture Decisions, Vectorized and Searchable by AI

Jun 2, 2026Engineering

MCP Spotlight: DecisionNode — Your Team's Architecture Decisions, Vectorized and Searchable by AI

DecisionNode turns architecture decisions into vector embeddings searchable by AI agents over MCP. 9 tools, free Gemini embedding tier, a force-directed graph UI, and live pulse showing which decisions your AI queries in real time.

Product

Facio's MCP Management: Dynamic Server Lifecycle Control From the Agent Itself

Jun 2, 2026Product

Facio's MCP Management: Dynamic Server Lifecycle Control From the Agent Itself

Connecting an MCP server is step one. Managing it in production — toggling it on and off, editing its configuration, restarting it after a crash, routing it to different HTTP transports — is where most platforms stop. Facio's manage_mcp tool gives agents full lifecycle control over their own tool infrastructure, with HITL gating on every destructive change.

Security

Your Containers Can't Hold an Agent: The Sandboxing Reality Every Architect Must Face

Jun 2, 2026Security

Your Containers Can't Hold an Agent: The Sandboxing Reality Every Architect Must Face

Standard Docker containers share the host kernel — and 1 in 8 AI breaches now involves an agentic system. From Cohere's CVSS 9.3 sandbox escape to Claude Code's configuration injection, the evidence is in: containers aren't sandboxes. Here's what isolation actually requires in 2026.