By James Aspinwall, co-written by Alfred Pennyworth (my trusted AI) — March 7, 2026, 13:20
Fiddler AI observes what AI agents do. WorkingAgents governs what AI agents are allowed to do. One tells you the agent hallucinated, leaked PII, or took an unexpected path. The other prevents the agent from calling tools it shouldn’t, accessing data it’s not authorized for, or acting without accountability. Observability without governance is a dashboard you watch while things go wrong. Governance without observability is a policy you enforce blind. Enterprises deploying autonomous agents need both.
What Fiddler AI Does
Fiddler is the AI Control Plane for enterprise agents — observability, guardrails, and governance across the agentic lifecycle. $100M raised, Series C led by RPS Ventures in January 2026. Named #1 in AI Agent Security & Risk Management by CB Insights. 4x revenue growth in 18 months. Fortune 500 customers including Nielsen. AWS Pattern Partners status. Investors include Lightspeed, Lux Capital, Insight Partners, Capgemini Ventures, and Mozilla Ventures.
Core capabilities:
- Agentic Observability — end-to-end visibility across the agentic hierarchy: application → session → agent → trace → span. Root-cause analysis across distributed agent dependencies. Non-deterministic reasoning chains made interpretable.
- Trust Service — purpose-built trust models for scoring LLM prompts and responses. Sub-100ms guardrails. 6x cheaper and 50% more accurate than alternatives. Detects hallucination, toxicity, PII/PHI leakage, jailbreak attempts, prompt injection.
- 100+ metrics — hallucination, faithfulness, groundedness, answer relevance, context relevance, toxicity, PII detection, drift, performance, and custom business KPIs.
- Real-time alerting — threshold-based alerts when metrics degrade, with explainability and diagnostics for root cause analysis.
- Framework-native — OpenTelemetry (OTEL), LangGraph, Amazon Bedrock, AWS Strands Agents, Google ADK, custom frameworks.
- Air-gapped deployment — trust models run in-environment without external API calls. No data leaves the customer’s infrastructure.
The vision: a neutral control plane for compound AI systems — standardized telemetry, reliable evaluation, continuous monitoring, enforceable policy, auditable governance.
What WorkingAgents Does
WorkingAgents is the governance and control layer between AI agents and enterprise systems. Three gateways, one control plane:
- Unified LLM Routing — control which models agents use and how they access them
- Agentic Workflow Control — define, supervise, and enforce how agents take actions
- Enterprise MCP and A2A Tools Access — connect agents to internal tools with least-privilege permissions
Per-user access control with AES-256-CTR encrypted permission keys, audit trails on every action, 86+ MCP tools, per-user SQLite databases. Agents inherit the user’s permissions. One identity, one set of rules, full accountability.
The Gap They Close Together
Enterprise AI agent operations require three capabilities:
| Capability | Question | Solution |
|---|---|---|
| Governance | Is this agent allowed to do this? | WorkingAgents |
| Observability | Did the agent do it correctly? | Fiddler AI |
| Security | Was the interaction safe? | Both |
WorkingAgents prevents unauthorized actions before they happen. Fiddler detects quality and safety issues as they happen. Without WorkingAgents, Fiddler observes agents that have no permission boundaries — it can alert that an agent accessed financial data, but can’t prevent it. Without Fiddler, WorkingAgents governs agents but can’t detect hallucinations, toxicity, or drift in the model outputs those agents act on.
Prevention and detection. Policy and telemetry. Both are required.
Synergy Areas
1. Guardrails in the LLM Routing Pipeline
WorkingAgents routes agent requests to LLM providers. Each request produces a prompt and receives a response. Fiddler’s Trust Service scores both:
- Agent constructs a prompt containing sensitive data from WorkingAgents’ NIS CRM
- WorkingAgents checks the agent’s permissions — authorized to access this data and this model?
- Fiddler Trust Service scores the prompt — PII detected? Jailbreak attempt? Banned content?
- If both pass, prompt goes to the LLM provider
- Response returns → Fiddler scores the response — hallucination? Toxicity? Faithfulness to context?
- WorkingAgents executes the follow-up action only if Fiddler’s safety scores meet threshold
- Both layers log independently — WorkingAgents logs the permission check and action, Fiddler logs the quality and safety scores
WorkingAgents decides whether the agent can make the call. Fiddler decides whether the call’s content is safe. Sub-100ms guardrail latency means this doesn’t slow down the routing pipeline. The enterprise gets permission-checked AND quality-checked LLM interactions in a single flow.
2. Agentic Observability for Governed Agents
Fiddler’s hierarchical observability (application → session → agent → trace → span) maps directly to WorkingAgents’ agent operations:
- Application level — WorkingAgents is the application. Fiddler monitors the health of the entire agent governance platform.
- Session level — each user’s interaction with WorkingAgents constitutes a session. Fiddler tracks session-level metrics (latency, error rates, safety scores).
- Agent level — each WorkingAgents user has agents operating with specific permissions. Fiddler monitors per-agent behavior: which agents hallucinate more, which trigger safety alerts, which underperform.
- Trace level — a complete agent workflow in WorkingAgents (e.g., “check CRM → construct prompt → route to LLM → create task → send notification”) becomes a Fiddler trace.
- Span level — each individual tool call (NIS lookup, LLM inference, Pushover notification) becomes a Fiddler span with its own metrics.
WorkingAgents provides the governance structure. Fiddler provides the observability instrumentation. Together, the enterprise sees not just what agents did (WorkingAgents audit trail) but how well they did it (Fiddler quality metrics) — at every level of granularity.
3. Drift Detection + Automatic Response
Fiddler detects model drift — when LLM behavior degrades over time. WorkingAgents acts on that detection:
- Fiddler detects that response quality from Provider A has dropped below threshold (hallucination rate up 15%, faithfulness score declining)
- Alert fires → WorkingAgents receives the alert
- WorkingAgents automatically reroutes agent traffic from Provider A to Provider B — LLM routing adapts in real time
- WorkingAgents creates a task: “Investigate model drift on Provider A” with 24-hour deadline
- WorkingAgents sends a Pushover notification to the ML team lead
- If the task isn’t resolved in 24 hours, WorkingAgents’ alarm system escalates
Fiddler detects the problem. WorkingAgents responds to it. No human in the loop for the immediate mitigation (rerouting), human in the loop for the investigation (task with deadline). Autonomous response with governance guardrails.
4. PII Protection at the Agent Layer
Fiddler detects PII/PHI in prompts and responses. WorkingAgents controls what data agents can access. Together:
- WorkingAgents’ NIS CRM contains customer data — names, addresses, contact details
- An agent constructs a prompt that includes customer data → WorkingAgents checks: does this agent have NIS read permissions?
- If authorized, the prompt passes to Fiddler’s Trust Service → PII scan detects customer names and addresses
- Policy decision: should this data go to an external LLM? Fiddler’s PII score triggers a block or redaction based on enterprise policy
- WorkingAgents logs the attempted action. Fiddler logs the PII detection. Both records are independently auditable.
WorkingAgents controls access to the data. Fiddler controls what happens to the data once it’s in a prompt. Defense in depth: even if an agent has permission to read customer data, Fiddler prevents that data from leaking to an external model provider if policy prohibits it.
5. Compliance Evidence Generation
Fiddler automatically generates audit evidence for regulatory reviews. WorkingAgents generates per-action audit trails. Together, they produce complete compliance packages:
- WorkingAgents provides: who (user identity), what (tool called, action taken), when (timestamp), authorization (permission keys checked)
- Fiddler provides: quality metrics (hallucination scores, faithfulness), safety metrics (PII detection, toxicity scores), performance metrics (latency, token usage, cost)
- Combined: a compliance officer can trace from “Agent A, operating under User X’s permissions, called tool Y at timestamp Z” (WorkingAgents) to “the LLM interaction scored 0.95 faithfulness, 0.0 toxicity, no PII detected in the response” (Fiddler)
For regulated industries — healthcare (HIPAA), finance (SOX/PCI), government — this combined audit trail answers both “was the agent authorized?” and “was the output safe?” in a single evidence package.
6. Custom Business KPI Monitoring
Fiddler supports custom metrics beyond standard safety scores. WorkingAgents provides the business context:
- WorkingAgents tracks agent actions in the NIS CRM — contact interactions, company updates, task completions, deal progression
- Fiddler monitors custom KPIs tied to these actions: agent response quality per customer segment, task completion rates, CRM update accuracy
- When a custom KPI degrades (e.g., agent-suggested follow-up actions are being overridden by users 40% of the time), Fiddler alerts → WorkingAgents creates an improvement task
Fiddler measures business outcomes. WorkingAgents provides the business actions that produce those outcomes. The feedback loop is closed: observe performance → detect degradation → create governance response → measure again.
7. The “Control Plane” Convergence
Both Fiddler and WorkingAgents describe themselves as “control planes” — Fiddler for AI observability, WorkingAgents for agent governance. The convergence is natural:
- Fiddler’s control plane: standardized telemetry, reliable evaluation, continuous monitoring, enforceable policy, auditable governance — focused on model behavior and output quality
- WorkingAgents’ control plane: unified LLM routing, agentic workflow control, enterprise tool access — focused on agent permissions and action governance
These aren’t competing control planes. They’re complementary layers of the same control surface. Fiddler controls the quality and safety of AI outputs. WorkingAgents controls the authorization and execution of AI actions. An enterprise needs both to say “our AI agents are under control.”
The Partnership Opportunity
For Fiddler: WorkingAgents provides the agent governance layer that completes the observability story. Fiddler can detect that an agent hallucinated or leaked PII — but can’t prevent the agent from calling the tool in the first place. WorkingAgents adds prevention to Fiddler’s detection. Every Fiddler customer deploying agentic AI needs permission control, tool governance, and automated response to observability alerts.
For WorkingAgents: Fiddler solves our blind spot — model output quality. WorkingAgents governs what agents can do, but doesn’t evaluate whether the LLM’s response was faithful, hallucinated, or toxic. Fiddler’s Trust Service adds quality and safety scoring to our LLM routing pipeline with sub-100ms overhead. Our governed agents become observably governed agents.
For the joint customer: AI agents that are authorized (WorkingAgents) producing outputs that are monitored and scored (Fiddler), with automatic response to quality degradation (both). The CISO signs off because every action is permission-checked and audited. The CTO signs off because model quality is continuously monitored. The compliance team signs off because the combined audit trail spans from agent authorization to output safety scoring.
Concrete Next Steps
- Trust Service integration in LLM routing — add Fiddler’s Trust Service as a scoring step in WorkingAgents’ LLM routing pipeline. Prompts and responses scored for PII, hallucination, and toxicity before agents act on results. Estimate: 3-4 days for Trust Service API integration.
- OpenTelemetry instrumentation — instrument WorkingAgents’ MCP tool calls as OTEL spans, feeding into Fiddler’s agentic observability. Each tool call becomes a span with permission context, execution result, and timing. Estimate: 2-3 days.
- Drift response automation — connect Fiddler alerting to WorkingAgents’ task and alarm system. Model drift → automatic LLM rerouting + investigation task + push notification. Estimate: 1-2 days.
- Joint compliance demo — regulated industry scenario: agent accesses patient data through WorkingAgents (permission-checked), constructs prompt (Fiddler PII-scanned), receives response (Fiddler hallucination-scored), takes action (WorkingAgents audited). Complete compliance evidence package generated automatically.
Fiddler sees everything AI agents do — every prompt, every response, every quality metric, every safety score. WorkingAgents controls everything AI agents are allowed to do — every tool call, every data access, every action. One is the instrument panel. The other is the steering wheel. An enterprise flying autonomous AI agents at scale needs both: instruments to know what’s happening and controls to determine what should happen. Observe and govern. Detect and prevent. Fiddler and WorkingAgents.