Execution GovernanceWhy this layer must exist
New
How It WorksPersistent & verifiable governance
Proving GroundLive interactive demo
ArchitectureDeep technical dive
WhitepaperThe official PDF thesis
New
Protocol (EAAP)Open protocol spec
IntegrationsMCP, ChatGPT, REST API
Code AnalyzerCheck your code risk
New
Use CasesFinTech, Healthcare, SaaS, Legal
SOC 2 Audit TrailsAI Agent Compliance
Stop AI SQL InjectionDatabase Governance
Compare ToolsExogram vs alternatives
vs Guardrails AIAction Filtering vs Infrastructure
vs LangChainOrchestration vs Control
Trust CenterCompliance & Security
API ReferenceREST API endpoints
CLI ReferenceTerminal commands
New
MCP SetupClaude Desktop integration
Docs HubAll documentation
Answers & FAQCommon questions
GlossaryAI governance terms
Learning HubGuides & deep-dives
BlogLatest posts & insights
Failure CasesReal AI agent failures
RFC-0001Full protocol spec
PricingGetting Started
Log inGet Started Free →
Layer 3: Operational Boundaries

Can Vercel AI SDK agents execute unauthorized tool calls?

Yes — the Vercel AI SDK connects LLMs to tools via the generateText and streamText APIs, but provides no middleware layer to validate whether a tool call is authorized, safe, or within policy before execution.

The Vercel AI SDK's tool calling pattern exposes the same fundamental vulnerability as every other framework:

  • Direct tool execution: When the LLM decides to call a tool, the SDK executes it immediately — no validation layer exists between decision and action
  • No per-tool permissions: All tools registered with tools parameter are equally accessible to the model
  • Server action exposure: Tools defined as Next.js server actions run with full server-side privileges
  • Streaming without governance: streamText executes tool calls mid-stream with no checkpoint for policy evaluation

Exogram wraps Vercel AI SDK tool definitions with execution governance. Tools are registered normally, but every call passes through the deterministic policy engine before reaching your server actions. Drop-in integration via the MCP server — no changes to your Next.js application code.

Compare Exogram

OpenaiLangchain

Ready to secure your AI infrastructure?

Deploy deterministic execution governance on your AI agents — 500 free API calls, no credit card.

Start Free — No Credit CardSecure Your Vercel AI Tools
✓ 500 free API calls/mo✓ 0.07ms enforcement latency✓ Works with LangChain, CrewAI, MCP
← Back to all Q&A