Locked early. Departments do not add new tools without a CoE/security review.

| Category | What we pick | Rule |
|---|---|---|
| LLMs (generation) | A primary + one fallback | Multi-model from day one. Avoid single-vendor lock. |
| Embeddings | One primary | OpenAI / Cohere / etc. |
| Orchestration | Visual + code-first | One workflow tool (e.g., n8n / Power Automate) + one code-first framework (e.g., LangGraph) |
| Vector store | One | Supabase pgvector for small/mid scale; Pinecone / Vertex / etc. at scale |
| Observability | One AI-specific + integrated to existing logging | LangSmith / Helicone / Arize for AI; pipe to Datadog / Grafana / Sentinel where the rest of the company already looks |
| Identity | The existing IdP | Okta / Entra / Google Workspace SSO. Never roll our own. |
| Secret store | The existing secret manager | Use what the platform team already runs. |
| Source control | The existing one | Every agent has a folder; every prompt is versioned. |
| Registry / Intake | One | Notion / Airtable / ServiceNow. Pick and commit. |
| Open protocols | MCP and (when mature) A2A | Use open standards for model-to-tool and agent-to-agent communication where available. |

We allow exceptions. We do not allow surprise exceptions.