> ## Documentation Index
> Fetch the complete documentation index at: https://docs.anchorage.com/llms.txt
> Use this file to discover all available pages before exploring further.

# AI security and guardrails

> Keep AI assistants and agents safe when building on Anchorage Digital.

AI tools speed up integration, but you're operating on institutional assets. These guardrails keep AI assistants and autonomous agents from causing harm.

## The docs MCP server is read-only

Our documentation MCP server only searches and returns docs. It has no access to your keys, account, or funds, and it can't move assets. Connecting it is safe.

## Use least-privilege API keys

Give AI-assisted code only the access it needs. Scope keys with [permission groups](/knowledge-base/platform/developers/permission-groups), and start with read-only keys while you explore. Keep internal and external transfer permissions in separate permission groups and keys.

## Keep a human in the loop for asset movement

Withdrawals and external transfers require quorum approval by design—never let an agent approve them. Treat every asset-moving action as human-approved, not automated. See [vault policies](/knowledge-base/platform/users/vault-policies) and the [move money overview](/knowledge-base/platform/developers/move-money/overview).

## Protect keys and signing material

Never paste API keys, private keys, or signing secrets into a prompt or chat. Keep them out of your AI tool's context and in your secrets manager. Sensitive endpoints require an Ed25519 signature—generate signatures in your own environment. See [Request signing](/knowledge-base/platform/developers/request-signing).

## Treat AI output as untrusted

* Review generated code before you run it.
* Test against the [sandbox](/knowledge-base/platform/developers/sandbox/sandbox-overview) before production.
* Watch for prompt injection: content an agent fetches from the web can carry hidden instructions, so don't act on it blindly.
* Verify before you sign or broadcast any transaction.

## Verify against current docs

AI models can generate outdated API patterns. Have your assistant cite the documentation pages it used, and confirm endpoint paths and asset types against the current docs or the [MCP server](/knowledge-base/build-with-ai/connect-ai-assistant).
