Record summary
Control summary
Systems should require the user or another human stakeholder to approve AI agent actions before the agent takes them. Depending on the use case, the human approver may be technical staff or a business unit subject matter expert. Separate tools, such as dedicated audit agents, may assist the human approver, but final adjudication should rest with a human decision-maker.
The security benefit of Human In-the-Loop policies may be at odds with the operational overhead of additional approvals. To ease this, the level of human oversight should scale with the consequence of the task at hand. Minor, repetitive tasks performed by agents with access to basic tools may require only minimal human oversight, while agents operating in systems with significant consequences may need approval from multiple stakeholders spread across multiple organizations.
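As an added illustration of the tiered policy described above (not code from ATLAS or from this page), a small approval gate in which low-risk tool calls are auto-approved and audited, medium-risk calls need one human approver, and high-risk calls need two human approvers from two different organizations. The tool catalogue, risk tiers and approver identities are hypothetical; an unlisted tool fails closed to the highest tier, and audit-agent advice is logged but never counts as an approval.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

class Risk(Enum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3

# Hypothetical policy: (human approvals required, distinct organizations required) per tier.
POLICY = {Risk.LOW: (0, 0), Risk.MEDIUM: (1, 1), Risk.HIGH: (2, 2)}

# Hypothetical tool catalogue; any tool not listed is treated as HIGH (fail closed).
TOOL_RISK = {"search_docs": Risk.LOW, "send_email": Risk.MEDIUM,
             "delete_records": Risk.HIGH, "export_dataset": Risk.HIGH}

@dataclass
class Approval:
    approver: str   # human identity
    org: str        # organization the approver belongs to
    approve: bool   # False is a veto

@dataclass
class ToolCall:
    tool: str
    args: dict
    approvals: list = field(default_factory=list)
    audit_agent_advice: Optional[str] = None  # advisory only, never an approval

def risk_of(tool: str) -> Risk:
    return TOOL_RISK.get(tool, Risk.HIGH)

def adjudicate(call: ToolCall) -> str:
    """Return 'approved', 'denied' or 'pending'. Only human approvals count."""
    needed, orgs_needed = POLICY[risk_of(call.tool)]
    if any(not a.approve for a in call.approvals):
        return "denied"                     # a single human veto is final
    approvers = {a.approver for a in call.approvals if a.approve}
    orgs = {a.org for a in call.approvals if a.approve}
    if len(approvers) >= needed and len(orgs) >= orgs_needed:
        return "approved"
    return "pending"

def execute_if_approved(call: ToolCall, audit_log: list) -> bool:
    """Record the decision in the audit log; return True only when the call may run."""
    decision = adjudicate(call)
    audit_log.append({"tool": call.tool, "risk": risk_of(call.tool).name,
                      "decision": decision, "advice": call.audit_agent_advice,
                      "approvers": sorted(a.approver for a in call.approvals)})
    return decision == "approved"
```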
- ATLAS ID: AML.M0029
- Priority score: 15
Covered techniques
- AML.T0053 - AI Agent Tool Invocation: Requiring user confirmation of AI agent tool invocations can prevent the automatic execution of tools by an adversary.
- AML.T0101 - Data Destruction via AI Agent Tool Invocation: Requiring user confirmation of AI agent tool invocations can prevent the automatic execution of tools by an adversary.
- AML.T0086 - Exfiltration via AI Agent Tool Invocation: Requiring user confirmation of AI agent tool invocations can prevent the automatic execution of tools by an adversary.