🛡 AI Agent Security Demo
Real-time audit trail & guardrails — Financial Services context
Technology Controls · v2.0.0
Scenarios
LIVE · Normal Operation
    FCA compliance briefing. Real agent run — full live audit trail.

ATTACK · Prompt Injection
    Hidden instructions hijack the agent.
    Guardrails ON: blocked. OFF: data exfiltrated.

RISK · Unauthorized Tool
    Agent attempts to email 847 clients.
    Guardrails ON: blocked. OFF: emails sent.

RISK · Runaway Agent
    Agent hits action budget mid-task.
    Guardrails ON: stopped. OFF: unconstrained.

SAFE · Pre-execution Review
    Human-in-the-loop: planned actions held for approval before execution.

ATTACK · Poisoned Tool Result
    Worker result carries adversarial instructions.
    Guardrails ON: blocked. OFF: orchestrator compromised.

RISK · Worker Over-Compliance
    Worker executes any dispatch without scope check.
    Guardrails ON: blocked. OFF: resignation letter sent.

ATTACK · AI Attack Chain
    Recon → exploit → exfiltrate in seconds.
    Guardrails ON: stopped at phase 2. OFF: full chain.

HITL · HITL Checkpoint
    High-value transaction awaits human approval.
    Guardrails ON: paused. OFF: executes immediately.
Task
Scripted scenario — task is fixed. Toggle guardrails to switch outcome.
Attacker exfiltration address (input field): with guardrails OFF, the compromised agent will "send" stolen data here.
Guardrails
Enable guardrails (toggle): allowlist · budget cap · injection scan
Allowed Tools: research, write, send_client_email
Max Tool Calls: 10
Under the Hood
Full audit trail — every internal event in real time.

User View
What the end-user actually sees. Run a scenario to see what the user receives.

Run status: Ready. Counters shown per run: Events · Tool calls · Blocked · Tokens · Duration.