Console Login
Docs / Integrations / Semantic Kernel

Apply Gvner checks in Semantic Kernel filters.

Attach Gvner to SK function pipelines so high-risk functions require explicit ALLOW decisions.

Integration Hub HTTP/Webhook Contract API Reference Support & Launch

Where to hook intent checks

Invoke intent check in function filter middleware before function execution.
Always call before side effects, not after.
Pass correlation IDs for traceability.

Payload mapping to /adapters/http/intent

{ "tenant_id": "acme", "runtime_id": "semantic-kernel-01", "agent_id": "agent-01", "intent": "update_customer", "requested_scopes": ["update_customers"], "tool": "crm", "context": {"source": "semantic-kernel", "workflow": "demo"}, "requested_budget": 1.0, "work_type": "execution", "correlation_id": "req-123" }

Fail-closed behavior

Required: if Gvner is unreachable, returns DENIED, or response is invalid, do not execute. Treat as blocked and log audit context.

Sample wrapper pattern

# in SK filter decision = guvna_evaluate(intent) if decision["decision"] != "ALLOWED": raise PermissionError(decision["reason"]) # continue to target function

Relevant console pages

Integration Runtimes

Runtime inventory and status checks.

Observability

Signal health for integration pipelines.

Incidents

Escalations tied to blocked/failed executions.

Support Pack

Bundle diagnostics for partner troubleshooting.

Evidence and exports

Export evidence packets from Exports.
Use Receipts for integrity checks.
Use Regulator Packets for external review.