Ultra13
Docs · Quickstart

Quickstart: protect one agent workflow with Ultra13

This quickstart outlines how to protect a single agent workflow with the Context Firewall — from inventorying context sources to enforcing on high-risk sinks. Full SDK, proxy, and MCP-gateway integration snippets are rolling out during early access; this page describes the model and the steps.

By the Ultra13 teamPublished Updated
TL;DR
  • Start in monitor mode; enforce once policy is proven.
  • Inventory context sources and sinks; label trust classes.
  • Inspect tool calls, gate memory writes, and screen egress.
  • Turn on enforcement for high-risk sinks first.

Before you start

Have your agent framework, model provider, tools, RAG sources, memory store, data classes, and intended deployment mode to hand. Choose where Ultra13 sits — inline SDK, LLM proxy, or MCP gateway — per security architecture.

The steps

  1. Define context sources and label them by trust class.
  2. Define sinks: tool calls, memory writes, exports, browser actions, approvals.
  3. Add monitor-mode source-to-sink policy.
  4. Inspect tool calls and gate memory writes.
  5. Screen egress; review the decision logs.
  6. Turn on enforcement for high-risk sinks first.
FAQ

Frequently asked questions

Do I have to enforce from day one?
No. Start in monitor mode to gather evidence, then enforce on high-blast-radius sinks — exports, shell/code execution, webhook egress, tenant-crossing actions, and persistent memory writes.

See where the firewall stops the path.

Give us one agent workflow. We’ll map the context boundary, replay the abuse paths, and show where the Context Firewall blocks them.