DTwo Policy Store
CRM · ACCESS CONTROL

Give AI agents read-only access to your CRM

For a low-risk CRM pilot, give the agent a one-way mirror: it reads every record and changes none. The read-only policies enforce that, and a query allowlist tightens it further.

For: Teams piloting AI on a CRM who want zero write risk

For a low-risk CRM pilot, give the agent read access only. It can query every record but cannot change any. It can't flip a deal stage, overwrite an owner, or run a bulk update from a misread instruction.

read-only does this fail-closed. The Salesforce variant allowlists the read tools and denies the rest, so a write tool you haven't seen yet is denied by default rather than allowed. The HubSpot variant blocks the single *-manage-crm-objects write tool that fronts every mutation. Either way, the integration can't make a write.

If even the reads need a fence, add query-allowlist. It restricts Salesforce SOQL to the Account, Contact, and Opportunity objects, so the agent can't query arbitrary objects across the org. Run fully read-only for the pilot. Once the workflow earns trust, relax to the narrow write-protection policies.

Policies in this guide