
How we think about agent safety

February 28, 2026 · 8 min read · Wanddy security team

Live-data agents can do real damage if you let them. This is the set of constraints we enforce by default.

A live-data agent can do real damage. We treat that as a primary design constraint, not a footnote.

Default 1: scoped credentials. Every integration uses the smallest scope that lets the Buddy do its job. Read where possible; write only where the user explicitly authorises a workflow.

Default 2: human-in-the-loop for state-changing actions. Sending an email, posting to social, refunding an order — every one of these surfaces a confirmation step the first time, and remains explicit until the user opts in to autopilot.

Default 3: full audit trail. Every action a Buddy takes is logged with the prompt, tool call, parameters, and result. If something goes wrong you can read exactly what happened.
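The three defaults can be enforced at a single choke point in front of every tool call. The following is an added example, not Wanddy's code: the tool names, scope strings, `Gate` class, and `run`/`confirm` callbacks are hypothetical, and the scenario in `demo()` is constructed.

```python
import json
from dataclasses import dataclass, field

# Hypothetical tool registry: name -> (required scope, changes state?)
TOOLS = {
    "orders.read":   ("orders:read",  False),
    "orders.refund": ("orders:write", True),
    "email.send":    ("email:send",   True),
}

@dataclass
class Gate:
    granted: set                                  # scopes the user authorised
    autopilot: set = field(default_factory=set)   # actions opted in to run unconfirmed
    audit: list = field(default_factory=list)     # in-memory here; a real log needs tamper protection

    def call(self, prompt, tool, params, run, confirm):
        """Apply the three defaults to one tool call and always write an audit record."""
        spec = TOOLS.get(tool)
        if spec is None:                          # fail closed on tools outside the registry
            result = {"status": "denied", "reason": "unknown tool"}
        elif spec[0] not in self.granted:         # Default 1: scoped credentials
            result = {"status": "denied", "reason": f"missing scope {spec[0]}"}
        elif spec[1] and tool not in self.autopilot and not confirm(tool, params):
            result = {"status": "declined", "reason": "user did not confirm"}  # Default 2
        else:
            result = {"status": "ok", "output": run(tool, params)}
        # Default 3: prompt, tool call, parameters and result. Logging refused
        # attempts as well is an assumption of this sketch.
        self.audit.append(json.dumps(
            {"prompt": prompt, "tool": tool, "params": params, "result": result},
            sort_keys=True))
        return result

def demo():
    """Constructed scenario: refunds are authorised, sending email is not."""
    gate = Gate(granted={"orders:read", "orders:write"})
    run = lambda tool, params: f"{tool} executed"   # stand-in for the real integration
    yes, no = (lambda t, p: True), (lambda t, p: False)
    calls = [
        ("look up order 17", "orders.read", {"id": 17}, no),      # read: no confirmation needed
        ("refund order 17", "orders.refund", {"id": 17}, no),     # write, user says no
        ("refund order 17", "orders.refund", {"id": 17}, yes),    # write, user confirms
        ("email the customer", "email.send", {"to": "a@example.com"}, yes),  # scope missing
    ]
    statuses = [gate.call(p, t, a, run, c)["status"] for p, t, a, c in calls]
    gate.autopilot.add("orders.refund")             # user opts in to autopilot for refunds
    statuses.append(gate.call("refund order 18", "orders.refund", {"id": 18}, run, no)["status"])
    return statuses, gate.audit
```

The scope check runs before the confirmation step, so a user is never asked to approve an action the credential could not perform anyway.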