Integrations/Hugging Face

Control what your AI agents do in Hugging Face.

Let your team build AI agents for Hugging Face. Bollard AI controls what each one can do, repository by repository.

Hugging Face
Model Ops Agent
models RepoOffReadFull use
datasets RepoOffReadFull use
private-research RepoOffReadFull use
Change visibility and delete repos
What agents can do

Set what each agent can do in every repository.

Each repository gets one of three levels: Off, Read, or Full use. Anything not allowed is denied.

Off
No access
The agent can't see the repository or that it exists.
Read
Read-only
The agent can read the files and model cards in that repository. It can't change anything.
Full use
Create and update
The agent can create and update files in that repository.

Some actions stay off until explicitly turned on

Each one exposes work to the public, removes it for good, or spends money, so it could override the limits set on individual repositories.

Changing a repository to publicDeleting repositoriesRunning paid inference endpoints
Set up & manage

Connect once. Manage everyone from there.

Connect once, then control access person by person. No new keys to hand out.

Step 1 · Set up

Connect once, company-wide

An admin connects your company's Hugging Face a single time and chooses which repositories it covers. Any repository left out stays out of reach for every agent.

Step 2 · Manage

Control access per person and agent

From one dashboard, set what every person and their agents can reach. Change it any time, with no new keys for anyone.

OffNo access
ReadRead-only
Full useRead, create, and update files in a single repository
Example

A model card agent.

A model ops agent updates files in models and can read datasets, but it can't open the private-research repository or make a repo public.

models RepoOffReadFull use
datasets RepoOffReadFull use
private-research RepoOffReadFull use

Manage access

ALLOWEDModel Ops Agent updated a file in models
ALLOWEDModel Ops Agent read a file in datasets
BLOCKEDModel Ops Agent tried to open private-research, denied by default

Monitor activity

The security model

Top-tier security.

Bollard AI is access control for AI agents. It sits between your agents and Hugging Face, so they never hold your Hugging Face keys and never reach Hugging Face directly.

Everything runs through Bollard AI

Agents send their requests to Bollard AI, not to Hugging Face. Bollard AI checks each one against your rules and passes only the allowed requests through.

Denied by default

Every repository starts off-limits, and making one public is held back on top of that. An agent gets in only where you've allowed it, and anything Bollard AI doesn't recognise is refused and held for review, never waved through on a guess.

Your keys stay sealed

Your Hugging Face keys are sealed in a vault unique to your company and never shown again. Bollard AI unlocks them only for the instant an allowed request needs it.

Activity you can read

Every attempt is recorded in plain English: who or which agent, what they tried, which repository or file, and the decision. The record is readable and can't be edited after the fact.

Questions

Hugging Face, answered.

Does connecting Hugging Face hand Bollard AI all your repositories?+
Only what's connected. An admin chooses which repositories Bollard AI covers, and that sets the most any agent could reach. Bollard AI doesn't browse or copy your repositories. It sits in front of them and checks every request the agents make, passing or blocking each one.
Can an agent make a repository public or delete it?+
Not unless you turn it on. Changing a repository to public, and deleting repositories, are held off by default, so an agent can update files where you allow without ever exposing or removing your work, until you explicitly allow it.
Can an agent see more than the person who owns it?+
No. An agent reaches only what its owner reaches. An explicit Off always overrides an inherited permission.
Where do our Hugging Face keys live?+
Sealed in an encrypted vault, behind a key unique to your company. It's never shown again once connected, and Bollard AI unseals it only for the instant an allowed request needs it.
What happens when an agent tries something it's not allowed to do?+
Bollard AI blocks the request before it reaches Hugging Face, and the blocked attempt lands in the activity record with the reason.
How do we connect Hugging Face?+
An admin connects the company's Hugging Face once. Bollard AI seals the connection and builds the list of repositories to set rules for. From then on, all management happens in the Bollard AI dashboard.
Early access

Put your team's agents to work in Hugging Face, without the risk.

We're onboarding our first development partners now. Tell us about your setup and we'll be in touch.