ai-governance-architecture
System architecture for Salesforce AI governance: MLOps pipeline design, AI Audit Trail architecture, Einstein Trust Layer security design, Policy-as-Code engine, and regulatory compliance design for EU AI Act and similar frameworks. NOT for general Salesforce security architecture, AI ethics policy documentation, or individual Agentforce agent configuration.
Best use case
ai-governance-architecture is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
System architecture for Salesforce AI governance: MLOps pipeline design, AI Audit Trail architecture, Einstein Trust Layer security design, Policy-as-Code engine, and regulatory compliance design for EU AI Act and similar frameworks. NOT for general Salesforce security architecture, AI ethics policy documentation, or individual Agentforce agent configuration.
Teams using ai-governance-architecture should expect a more consistent output, faster repeated execution, less prompt rewriting, better workflow continuity with your supporting tools.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
- You already have the supporting tools or dependencies needed by this skill.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/ai-governance-architecture/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How ai-governance-architecture Compares
| Feature / Agent | ai-governance-architecture | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
System architecture for Salesforce AI governance: MLOps pipeline design, AI Audit Trail architecture, Einstein Trust Layer security design, Policy-as-Code engine, and regulatory compliance design for EU AI Act and similar frameworks. NOT for general Salesforce security architecture, AI ethics policy documentation, or individual Agentforce agent configuration.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# AI Governance Architecture This skill activates when an architect needs to design a comprehensive AI governance system for a Salesforce org — covering the 4-layer governance framework (AI/ML Lifecycle, Security/Guardrails, Audit/Observability, Responsible AI Controls), Audit Trail architecture, Policy-as-Code engine, and regulatory compliance design. It does NOT cover individual Agentforce agent configuration, general security architecture, or AI ethics policy documentation. --- ## Before Starting Gather this context before working on anything in this domain: - **Einstein Trust Layer is not full AI governance** — The Trust Layer provides zero-data-retention guarantees, prompt injection detection, and toxicity filtering. It is ONE security layer in a complete governance stack. Full governance additionally requires MLOps lifecycle management, Policy-as-Code enforcement, and immutable audit trail architecture. - **AI Audit Trail requires Data Cloud** — Salesforce Generative AI Audit Trail logs are stored in Data Cloud. There is no alternative storage path. Orgs without Data Cloud cannot use the native Audit Trail feature. The audit trail refreshes hourly — real-time detection of model misuse is impossible natively. - **30-day audit retention** — AI Audit Trail has a 30-day default retention (distinct from the 180-day Setup Audit Trail). Long-term compliance evidence requires exporting to an external system (S3, SIEM) within the 30-day window. - **BYOLLM calls bypass audit trail** — Bring-Your-Own-LLM model calls that are not explicitly routed through the Trust Layer do not appear in the Salesforce Generative AI Audit Trail. BYOLLM governance requires explicit routing configuration. - **EU AI Act high-risk compliance deadline** — August 2026. Salesforce orgs using AI for high-risk use cases (employment, credit, healthcare decisions) need a compliant governance framework in place. --- ## Core Concepts ### The 4-Layer AI Governance Framework Comprehensive Salesforce AI governance spans four layers: **Layer 1 — AI/ML Lifecycle Governance:** Model registry, training data documentation, model versioning, approval gates before production deployment. Requires MLOps pipeline integration (Weights & Biases, MLflow, or Salesforce Model Builder's built-in versioning). **Layer 2 — Security and Guardrails:** Einstein Trust Layer (zero-data-retention, prompt injection detection, toxicity filtering), topic guardrails on Agentforce agents, data masking for PII in prompts, BYOLLM routing policies. **Layer 3 — Audit and Observability:** Salesforce Generative AI Audit Trail (requires Data Cloud), prompt/response logging, model performance monitoring, usage analytics. 30-day retention requires external export pipeline. **Layer 4 — Responsible AI Controls:** Fairness monitoring (bias detection), human-in-the-loop override design, transparency documentation, explainability requirements for regulated use cases. ### AI Audit Trail Architecture The Salesforce Generative AI Audit Trail captures: - Prompt text (masked if data masking is enabled) - Model response - User identity and timestamp - Model version and endpoint used Architectural constraints: - Requires Data Cloud — no alternative storage - Refreshes hourly — not real-time - 30-day retention — must export for long-term compliance - BYOLLM calls are not captured unless explicitly routed through Trust Layer Recommended architecture for long-term compliance: 1. Configure Data Cloud Audit Trail export to S3 or SIEM (Splunk, Datadog) 2. Set export frequency to daily (within 30-day window) 3. SIEM provides real-time alerting on anomalous model behavior 4. Data Cloud provides the Salesforce-native audit surface for near-real-time review ### Policy-as-Code Engine Policy-as-Code for Salesforce AI governance enforces rules declaratively: - Agentforce topic guardrails (define what topics agents CANNOT discuss) - Einstein Trust Layer data masking policies (mask SSN, credit card numbers before prompt send) - Agentforce action allowlists (which Apex actions, Flows, or APIs an agent can invoke) - Model routing policies (which LLM model handles which use case) Policy changes require code review and deployment — they are not ad-hoc UI configuration. This provides auditability of governance policy changes over time. --- ## Common Patterns ### 4-Layer Governance Architecture Design **When to use:** Any organization deploying Agentforce, Einstein Prediction Builder, or BYOLLM models in a regulated industry or for high-risk use cases. **How it works:** 1. Layer 1: Integrate model registry (Salesforce Model Builder or external MLflow) with approval workflow before any model is promoted to production. 2. Layer 2: Enable Einstein Trust Layer. Configure topic guardrails on all Agentforce agents. Configure data masking for PII fields. Define BYOLLM routing policies. 3. Layer 3: Enable Generative AI Audit Trail (requires Data Cloud). Configure daily export to S3/SIEM. Set up SIEM alerts for anomaly patterns (unusual prompt volumes, blocked topic attempts). 4. Layer 4: Define fairness monitoring thresholds. Document human override points in agent workflows. Create transparency documentation for each deployed model. **Why not just Trust Layer:** Trust Layer provides prompt-level safety controls. It does not govern the model lifecycle, provide long-term audit evidence, or satisfy EU AI Act documentation requirements. Governance requires all four layers. ### Audit Trail Export Pipeline **When to use:** Regulated industries (financial services, healthcare) requiring AI audit evidence beyond 30 days, or when real-time anomaly detection is required. **How it works:** 1. Configure Data Cloud data stream export to S3 (daily batch). 2. S3 triggers Lambda or MuleSoft flow to ingest into SIEM (Splunk/Datadog). 3. SIEM applies detection rules: high-frequency unusual topics, blocked content patterns, after-hours model invocations. 4. SIEM alerts fire to security team on anomaly detection. 5. Audit records retained in S3 for compliance evidence period (typically 7 years). --- ## Decision Guidance | Situation | Recommended Approach | Reason | |---|---|---| | Basic AI safety for Agentforce | Einstein Trust Layer + topic guardrails | Minimum viable safety layer | | Regulated industry AI deployment | Full 4-layer governance framework | Compliance and audit evidence requirements | | Long-term audit evidence (> 30 days) | Data Cloud Audit Trail + S3/SIEM export | Audit Trail retention is only 30 days natively | | BYOLLM governance | Explicit routing through Trust Layer + extended audit | BYOLLM calls bypass audit unless explicitly routed | | EU AI Act high-risk use case | 4-layer framework + conformity assessment documentation | August 2026 compliance deadline | | Real-time anomaly detection | SIEM integration with Audit Trail export | Audit Trail refreshes hourly, not real-time | --- ## Recommended Workflow 1. **AI inventory** — List all deployed and planned AI/ML features: Agentforce agents, Einstein Prediction, BYOLLM models, third-party AI integrations. This drives the governance scope. 2. **Regulatory mapping** — Map each AI use case to applicable regulations (EU AI Act risk categories, financial services AI guidance, healthcare AI requirements). Identify high-risk use cases requiring conformity assessment documentation. 3. **Layer-by-layer design** — Design each governance layer independently: model lifecycle (Layer 1), Trust Layer and guardrails (Layer 2), audit and observability (Layer 3), responsible AI controls (Layer 4). 4. **Audit trail architecture** — Design the Data Cloud → S3/SIEM export pipeline. Determine retention period and access controls for audit records. 5. **Policy-as-Code design** — Define all governance policies as code artifacts (topic guardrails, data masking rules, action allowlists). Establish code review process for policy changes. 6. **BYOLLM routing** — For any BYOLLM integration, explicitly confirm routing through Trust Layer for audit capture. Document which models are routed and which are not. 7. **Review** — Confirm Trust Layer is not presented as complete governance. Confirm 30-day Audit Trail retention limitation is addressed with export. Confirm BYOLLM routing is documented. --- ## Review Checklist - [ ] All deployed AI features inventoried and mapped to regulatory risk categories - [ ] Einstein Trust Layer is one layer in a 4-layer framework (not the whole governance story) - [ ] Generative AI Audit Trail export pipeline designed for retention > 30 days - [ ] BYOLLM calls explicitly routed through Trust Layer for audit capture - [ ] Agentforce topic guardrails defined and documented as Policy-as-Code - [ ] Human override points documented for high-risk AI use cases - [ ] EU AI Act high-risk use case conformity assessment documentation scoped --- ## Salesforce-Specific Gotchas 1. **Trust Layer is not a complete AI governance framework** — Enabling Trust Layer addresses prompt safety and zero-data-retention. It does not address model lifecycle governance, long-term audit evidence, fairness monitoring, or regulatory documentation. Organizations that enable Trust Layer and consider governance done are exposed. 2. **AI Audit Trail requires Data Cloud and has 30-day retention** — Organizations without Data Cloud have no native AI Audit Trail. Even with Data Cloud, the 30-day retention window means compliance evidence must be exported within 30 days or it is permanently lost. 3. **BYOLLM calls bypass the audit trail by default** — BYOLLM model invocations do not automatically appear in the Generative AI Audit Trail. Explicit routing configuration through the Trust Layer is required. Organizations that add BYOLLM integrations after initial governance setup frequently miss this. --- ## Output Artifacts | Artifact | Description | |---|---| | AI governance architecture document | 4-layer framework design with technology mapping per layer | | Audit trail architecture design | Data Cloud → S3/SIEM pipeline with retention and alert design | | Policy-as-Code specifications | Topic guardrails, data masking rules, and action allowlists as deployable artifacts | | Regulatory compliance matrix | EU AI Act or equivalent risk category mapping with control evidence requirements | --- ## Related Skills - `ai-platform-architecture` — For model selection, Trust Layer design, and multi-agent orchestration at the platform level - `data-cloud-architecture` — For Data Cloud configuration required to support the AI Audit Trail
Related Skills
ai-platform-architecture
Use this skill when designing or evaluating the holistic Salesforce AI platform strategy: model tier selection (Salesforce Default vs BYOLLM vs zero-data-retention partner models), Trust Layer design decisions at the architecture level, and multi-agent Supervisor/Specialist orchestration topology. Trigger keywords: AI platform strategy, model selection strategy, Supervisor agent topology, multi-agent orchestration, Einstein LLM gateway, BYOLLM architecture, trust layer design, agentic platform design, model tier decision. NOT for individual agent action development, Trust Layer feature configuration steps, RAG grounding mechanics, or BYOLLM registration procedures (see agentforce/einstein-trust-layer, agentforce/rag-patterns-in-salesforce, agentforce/model-builder-and-byollm for those).
omnistudio-field-mapping-governance
Govern DataRaptor field mappings to prevent runtime errors when source metadata changes: naming, versioning, and dependency tracking. NOT for DataRaptor authoring fundamentals.
api-governance-and-rate-limits
Monitor and govern Salesforce API consumption: per-user limits, org allocation, lightning-rest limits, and backoff. NOT for designing new endpoints.
flow-governance
Use when establishing operational standards for a Salesforce Flow portfolio, including naming conventions, ownership, version discipline, retirement of stale flows, and release readiness checks. Triggers: 'flow naming convention', 'too many old flows', 'who owns this flow', 'flow version governance'. NOT for element-by-element flow logic design or dedicated fault-handling review.
salesforce-files-architecture
Working with Salesforce Files at the data layer — `ContentVersion` (the binary content + version metadata), `ContentDocument` (the parent / shareable handle), `ContentDocumentLink` (the sharing / parent-record join), the 2 GB single-file size limit and the 10 MB feed-attached limit, the deprecated `Attachment` object, the `Document` object (Classic-only), and Files Connect for external file sources. Covers SOQL patterns to enumerate files attached to a record, Apex insert / link patterns, sharing implications of `ShareType` and `Visibility`, and the migration path from the legacy Attachment object. NOT for LWC file upload UI components (see lwc/lwc-file-upload-patterns), NOT for static-resource bundling (see lwc/static-resources).
nonprofit-data-architecture
Use this skill when designing or querying the NPSP data model — constituent 360, household accounts, giving history rollups, and program participation. Trigger keywords: NPSP data model, household account, constituent record, giving rollups, CRLP, program engagement, ServiceDelivery, npo02__ fields. NOT for standard data model design, Nonprofit Cloud (NPC) data model, FSC household groups, or platform data modeling outside the NPSP context.
data-quality-and-governance
Use this skill when designing data quality gates, auditing data quality posture, troubleshooting validation failures, or implementing governance controls (field history, GDPR erasure, data classification, duplicate strategy) across a Salesforce org. Trigger keywords: validation rules, field history, duplicate management, GDPR right to erasure, data retention, data classification, Shield Field Audit Trail, Einstein Data Detect, Matching Rules, PII anonymization. NOT for Duplicate Rules configuration step-by-step UI setup (use duplicate-management skill). NOT for bulk data migration execution (use data-migration skill).
wealth-management-architecture
Use this skill when designing or reviewing a Salesforce Financial Services Cloud (FSC) wealth management platform — covering advisor workspace configuration, client portal setup, portfolio data integration, Compliant Data Sharing, and FSC feature enablement decisions. NOT for investment product advice, financial planning calculations, or FSC Health Cloud configurations.
subscription-management-architecture
Use when designing or evaluating Salesforce CPQ subscription lifecycle architecture: amendment flow, renewal automation, co-termination design, or billing integration at the contract level. Trigger keywords: amendment architecture, renewal automation, co-termination design, subscription ledger, large-scale amendment, billing schedule, swap pattern, SBQQ__Subscription__c. NOT for billing setup, standard Salesforce contracts without CPQ, or Revenue Cloud advanced order management.
service-cloud-architecture
Use when designing a Service Cloud solution end-to-end: channel strategy (phone, email, chat, messaging, social), routing model (queue-based vs skills-based Omni-Channel), knowledge strategy, entitlement and SLA enforcement, Einstein Bot / Agentforce deflection, and integration points. Triggers: service cloud architecture, case routing design, omni-channel strategy, contact center design, channel strategy, knowledge deflection, service console architecture. NOT for individual feature configuration (use admin/case-management), NOT for Einstein Bot conversation design (use agentforce/einstein-bot-architecture), NOT for telephony CTI implementation details.
security-architecture-review
Use when conducting a dedicated security architecture review of a Salesforce org — assessing sharing model completeness, FLS/CRUD enforcement, Apex security patterns, exposed API surface, Connected App policies, and Shield readiness. Produces a structured findings report with severity ratings (Critical/High/Medium/Low) and a 20+ point review checklist. Triggers: security architecture review, org security posture, sharing model audit, FLS coverage review, Connected App security, Shield assessment, org security health deep-dive, HIPAA or PCI security controls Salesforce. NOT for implementing security fixes (use security/* skills). NOT for the Salesforce Security Health Check UI (use security-health-check skill). NOT for a full WAF review across all pillars (use well-architected-review).
salesforce-shield-architecture
Salesforce Shield as an architectural choice — Platform Encryption + Event Monitoring + Field Audit Trail as three SEPARATELY-LICENSED components, none of which ship in any standard edition. Covers BYOK vs Cache-Only Key Service (CCKM) tradeoffs, probabilistic vs deterministic encryption schemes, the field-type encryption blocklist (Formula, Roll-Up Summary, indexed External ID), Field Audit Trail's 10-year retention model, and why every Shield design starts with a license confirmation. NOT for individual feature setup steps (see security/platform-encryption, security/event-monitoring, security/field-audit-trail), NOT for compliance certification mapping (HIPAA / FedRAMP / PCI specifics).