permissions boundary
The line an agent, service, or user cannot cross — enforced through access controls, tool scopes, policy, or runtime checks.
The permissions boundary kept the agent from reading HR data.
The permissions boundary kept the agent from reading HR data.