
FORGE & AI Governance Glossary

Key terms for knowledge worker teams redesigning their processes with agentic AI. The FORGE framework, AI governance concepts, and security fundamentals — explained without jargon.

A

Agent-ready workflow

A business workflow that has enough structure for AI agents to operate inside it without relying on guesswork. Agent-ready workflows have a baseline metric, clear inputs and outputs, reusable Skills files, scoped agent responsibilities, human checkpoints, data boundaries, action limits, schedule rules, and a capture loop for measuring whether the redesign worked.

Agentic AI

AI systems that take autonomous actions, not just generate text. Agentic AI tools like Claude, Cursor, Amp, and Copilot can browse the web, write and execute code, call APIs, and chain together multi-step tasks without constant human direction. This autonomy creates powerful productivity gains and new risks that traditional business processes were not designed to address.

Agentic Workflow

A business process redesigned around autonomous AI agents executing tasks, with humans involved at defined approval steps within the Guardrails pillar. Agentic workflows differ from traditional automation because agents exercise judgment, handle exceptions, and chain multi-step tasks without step-by-step human direction. Designing agentic workflows is the core output of a FORGE engagement.

Agents (FORGE Pillar)

One of the six pillars of the FORGE Methodology. Agents are specialized autonomous workers that perform business processes using skills and tools while operating within your guardrails. In FORGE, each agent has a defined scope of work, a clear handoff point, and operates within the boundaries set by Guardrails. Thinking in agents replaces the older mental model of AI as a single chat interface.

AI Governance

The policies and processes that define how AI agents operate within an organization — what data they can access, what actions they can take autonomously, when humans must approve, and how decisions are audited. AI governance is not an IT concern. It is a business concern: without it, teams operate AI tools with no shared understanding of boundaries or accountability. The Guardrails pillar of FORGE produces ready-to-adopt governance documentation designed for non-technical stakeholders and structured for SOC 2, ISO 27001, and EU AI Act readiness.

AI Security Governance

The security component of the Guardrails pillar, covering prompt injection awareness, MCP/tool poisoning risks, data leakage assessment, agent permission boundaries, and shadow AI audit. AI Security Governance produces workflow recommendations that map to compliance frameworks like SOC 2, ISO 27001, and the EU AI Act.

AI-Ready Remediation

Security fix instructions formatted as prompts that can be pasted directly into AI coding assistants like Cursor, Claude Code, or GitHub Copilot. Instead of abstract recommendations, AI-ready remediation prompts tell your AI assistant exactly what to fix, where to fix it, and how — in the language it understands best. This approach bridges the gap between identifying a security issue and actually resolving it, reducing fix time from hours to minutes.

D

Data Boundary

A Guardrails constraint that defines what data an AI agent is permitted to read, write, or transmit. Without explicit data boundaries, agents can over-read sensitive files, leak information to external APIs, or operate on records outside their intended scope. Data boundary design is one of the first outputs of any FORGE Guardrails review and is essential for teams handling customer data, employee records, or proprietary business information.

F

FORGE Methodology

A methodology for redesigning knowledge work around agentic AI. FORGE is built on six pillars: Baseline (the current-state metric), Skills (captured expertise in repeatable prompts), Agents (specialized autonomous workers that perform business processes), Guardrails (human approvals, data boundaries, action limits, escalation, and security), Schedule (triggers, cadence, dependencies, and loops), and Capture (measurement, pruning, and improvement over time). Developed by VibeSec Advisory, FORGE gives teams a structured framework for adopting agentic AI safely without stalling productivity.

G

Governed AI workflow

An AI-enabled business process that is redesigned with explicit ownership, metrics, permissions, human review, escalation, security controls, and measurement. Governed AI workflows are the opposite of random AI usage: the team knows what the AI can do, where humans approve, what data is in bounds, and how success will be measured.

Guardrails (FORGE Pillar)

One of the six pillars of the FORGE Methodology and the pillar that encompasses security, governance, and human oversight. Guardrails are everything that keeps agents in bounds: human approval steps (where a person reviews, approves, or redirects before the next step runs), automated checks (validation rules that run without human intervention), data boundaries (what the agent can read and write), action limits (what the agent can do autonomously versus what requires approval), escalation rules (when to stop and ask a person), and security controls (authentication, authorization, rate limiting, audit logging). AI Security Governance is the process of verifying that your Guardrails are properly designed and working.

H

Human Approval Steps (see Guardrails)

The points in an agentic workflow where a person reviews, approves, or redirects AI work before it continues. In FORGE, human approval steps are part of the Guardrails pillar rather than a separate pillar. Well-designed approval steps keep humans in control of high-stakes decisions without creating bottlenecks in the parts of a process that can safely run autonomously.

K

Knowledge Worker

A professional whose primary output is judgment, communication, and information — not physical goods or code. Sales reps, HR managers, marketing leads, product managers, onboarding specialists, and operations teams are all knowledge workers. FORGE is designed specifically for knowledge workers adopting agentic AI tools, not for engineering teams. The fastest-growing adoption of agentic AI is happening in knowledge worker functions, and most of it is happening without any process framework.

P

Prompt Injection

An attack where malicious instructions embedded in data — a webpage, document, email, or tool response — hijack an AI agent's behavior. Unlike traditional security vulnerabilities, prompt injection targets the AI reasoning layer, not the code layer, meaning standard developer fixes do not address it. A sales agent reading a prospect's website could be redirected by instructions hidden in that page. Designing agents that are resilient to prompt injection is a core Guardrails concern and a key differentiator of FORGE-designed workflows.

S

Schedule (FORGE Pillar)

One of the six pillars of the FORGE Methodology. Schedule defines when a process runs, how often, what triggers it, and how loops and recurring tasks are managed. Without explicit scheduling, agentic workflows either run continuously with no oversight or depend on someone remembering to trigger them manually. Schedule design ensures every automated process has a defined cadence, clear triggers, failure handling, and monitoring so nothing runs unmonitored and nothing gets missed.

Shadow AI

The unsanctioned use of AI tools by employees outside IT or security oversight. Shadow AI is the norm, not the exception: sales reps adopt Claude CoWork, designers use Midjourney, HR teams build onboarding automation with Amp — all without coordinated process design or governance. FORGE engagements begin with a shadow AI inventory to surface what tools are already in use, what data they touch, and which processes need redesigning before the risks compound.

Skills (FORGE Pillar)

One of the six pillars of the FORGE Methodology. Skills are captured expertise in repeatable prompts that can be used by users and agents. Examples include drafting a document, summarizing a call transcript, classifying a support ticket, and generating a proposal. Mapping your process to specific Skills is the starting point for any FORGE engagement because it determines which tasks are ready to hand off to an AI agent and which still require human judgment.

Skills file

A reusable instruction artifact that captures how a task should be performed by a human or an AI agent. A production-grade Skills file usually includes purpose, inputs, step-by-step instructions, output format, guardrails, and an example. Skills files replace one-off prompts with repeatable operating knowledge.

T

The 6-Month Gap

The period between an AI model's training data cutoff and the present day, during which new vulnerabilities are discovered and disclosed that the AI cannot know about. Because AI coding assistants can only reference security information from their training data, they are inherently blind to threats discovered after their cutoff date. This gap — typically 3 to 12 months — is where real-world attackers operate, making AI-only security reviews fundamentally incomplete. Professional security assessment bridges this gap with current vulnerability intelligence.

Tool poisoning

A class of AI security failure where a tool, connector, MCP server, plugin, or tool description is malicious, compromised, misleading, or over-permissioned. Tool poisoning matters because agents often trust tool metadata and outputs when deciding what actions to take. Guardrails reduce the blast radius through approval gates, least privilege, allowlists, logging, and review of new tools before use.

V

Vibe Coding

A software development approach where developers primarily use AI coding assistants — such as Cursor, Claude Code, GitHub Copilot, Bolt, Lovable, or v0 — to generate the majority of their application's code. The developer provides high-level direction and intent while the AI handles implementation details. Vibe coding enables rapid prototyping and shipping but introduces unique security risks because the developer may not fully understand the generated code's security implications. The Guardrails pillar of the FORGE Methodology is designed to address exactly these risks.

W

Workflow baseline

The current-state business metric captured before redesign begins. A useful workflow baseline names the metric, current value, source system, owner, date captured, and 90-day target. Without a baseline, AI adoption turns into anecdotes instead of measured improvement.
