# Agent and Workflow Design
AI agents and workflows are treated as governed, deployable artifacts within the platform.
They coordinate reasoning and tool usage but do not control data access or enforcement.
Tool Invocation via MCP
AI agents invoke tools using Model Context Protocol (MCP).
MCP provides:
- Typed, inspectable tool definitions
- Explicit agent-to-dataplane contracts
- Capability-based exposure
Clarifications:
- MCP does not store data
- MCP does not enforce permissions
- All enforcement remains in the Dataplane
Prompt and Workflow Versioning
Orchestration artifacts are deployable assets:
- Prompts are versioned
- Agent definitions are versioned
- Workflows are versioned
This enables reproducibility, auditability, and rollback.
Environment Promotion
Orchestration follows the same lifecycle model as the platform:
- Development → Test → Production
- Promotion is policy-gated
- Changes are auditable
If behavior differs between environments, it is a defect.
Failure Handling and Observability
Orchestration failures are first-class operational events.
Principles:
- Failures are explicit
- Partial execution is observable
- Tool failures are distinguishable from model failures
Observability captures:
- Which agent invoked which tool
- Under which identity
- Using which pipeline
- With which outcome
By separating thinking from data access, AI Fabrix enables safe evolution of agents and workflows without reintroducing security, compliance, or audit risk.