Safety Boundaries
Safety boundaries are explicit declarations that control how and when operations can be executed. They prevent agents from performing dangerous actions without appropriate safeguards.
Safety Dimensions
Risk Classification
| Level | Description | Example |
|---|---|---|
none | No risk — read-only, no side effects | Product search |
low | Minor risk — easily reversible | Adding item to cart |
medium | Moderate risk — state changes that require attention | Updating user profile |
high | Significant risk — financial or data impact | Processing payment |
critical | Maximum risk — irreversible, high-impact | Deleting an account |
Confirmation Requirements
Operations classified as high or critical risk SHOULD require explicit confirmation before execution.
<button
axag-intent="account.delete"
axag-risk-level="critical"
axag-confirmation-required="true"
axag-confirmation-message="This will permanently delete the account and all associated data."
>
Delete Account
</button>
Approval Requirements
Some operations require multi-party approval before execution:
<button
axag-intent="payment.refund"
axag-risk-level="high"
axag-approval-required="true"
axag-approval-roles='["finance_manager"]'
axag-approval-count="1"
>
Issue Refund
</button>
Rate Limits and Cooldowns
<button
axag-intent="email.send_bulk"
axag-risk-level="medium"
axag-rate-limit="100/hour"
axag-cooldown="60s"
>
Send Campaign
</button>
Why Safety Boundaries Are Non-Negotiable
An agent without safety boundaries is equivalent to giving every user root access. Without explicit risk declarations, agents cannot distinguish between browsing products and deleting accounts.