Agent Permissions: What is an Agent Permitted to Do?
A Custom Agent is not an omnipotent AI; its capabilities are strictly bounded and explicitly defined by the Tools assigned to it during configuration.
How Capabilities are Derived:
- Tool Assignment: An agent can only perform actions for which it has an explicit tool. If an agent is assigned "Read campaign analytics" but not "Create campaign drafts", it is fundamentally impossible for that agent to alter or create any campaigns, regardless of what the user types in the chat prompt.
- Read vs. Write Boundaries: Read-only tools allow the agent to fetch and analyze data. Write tools allow the agent to modify data.
- Hard System Limits: Even with full write permissions assigned, Custom Agents do not possess auto-send or publish capabilities. They are systemically restricted to creating, editing, or pausing drafts. Final deployment requires human intervention through the standard MoEngage builder.
Data Privacy, Security, and Governance
Because Custom Agents process real workspace data including campaign metadata, analytics, and custom segments, MoEngage enforces strict data governance protocols to meet enterprise security standards.
Data Handling and Model Training
You retain complete ownership and control of your proprietary data.
- Zero Model Training: MoEngage does not use your workspace data, user segments, campaign content, or session transcripts to train Merlin AI or any foundational Large Language Models (LLMs).
- Data Isolation: All data processed during an agent session is strictly isolated within your specific MoEngage workspace. Agents cannot cross-reference data from other organizations or environments.
Overlap with Role-Based Access Control (RBAC)
Custom Agents respect your organization’s existing governance structure.
- When a user interacts with a Custom Agent, the agent operates within the intersection of its assigned tools and the user’s underlying MoEngage RBAC permissions.
- If a user does not have the native MoEngage permission to view financial analytics or modify specific campaigns, the agent will not be able to bypass those restrictions to fetch or alter that data on the user’s behalf.
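The intersection rule above, together with the tool-assignment rule and the hard publish limit from the first section, can be sketched as a single authorization gate. This is an added example, not MoEngage code: the action names, the `Session` type, the one-to-one mapping between tools and RBAC permissions, and the logging of denied calls are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Hypothetical action names, modelled on the tools named in the text.
READ_ANALYTICS = "read_campaign_analytics"
CREATE_DRAFT = "create_campaign_draft"
PUBLISH = "publish_campaign"

# Hard system limit: denied even when both the agent and the user hold it.
HARD_DENIED = frozenset({PUBLISH})


@dataclass
class Session:
    agent_tools: frozenset        # tools assigned at agent configuration
    user_permissions: frozenset   # the calling user's RBAC grants
    transcript: list = field(default_factory=list)


def authorize(session: Session, action: str, params: dict) -> tuple[bool, str]:
    """Decide one tool call. The chat prompt is deliberately not an input."""
    if action in HARD_DENIED:
        allowed, reason = False, "hard system limit"
    elif action not in session.agent_tools:
        allowed, reason = False, "tool not assigned to agent"
    elif action not in session.user_permissions:
        allowed, reason = False, "user lacks RBAC permission"
    else:
        allowed, reason = True, "allowed"
    # Assumption: denials are logged too, next to parameters and timestamp.
    session.transcript.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "action": action, "params": dict(params),
        "allowed": allowed, "reason": reason,
    })
    return allowed, reason


def demo() -> list:
    """Constructed scenario: read-only agent, user who could create drafts."""
    s = Session(agent_tools=frozenset({READ_ANALYTICS}),
                user_permissions=frozenset({READ_ANALYTICS, CREATE_DRAFT, PUBLISH}))
    calls = [(READ_ANALYTICS, {"campaign_id": "c-1"}),
             (CREATE_DRAFT, {"name": "spring"}),
             (PUBLISH, {"campaign_id": "c-1"})]
    return [authorize(s, a, p) for a, p in calls]
```

Because the decision depends only on the two permission sets and the hard-deny list, nothing typed into the chat can widen what the agent may do.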
Compliance Guardrails
Every action taken by an agent is fully logged and auditable.
- Traceability: Every tool execution, including the exact parameters used and the time of execution, is recorded in the session transcript.
- Immutability: Session transcripts cannot be deleted or altered by users, ensuring a permanent audit trail of all AI interactions within your workspace.