See It Work · Book 10 · Scaling AI Agents · Chapter 6
"What stops an agent from doing something it shouldn't?"
The board's security question is blunt: when an agent tries something it shouldn't, what actually stops it? Not a policy document — the system. Watch it refuse five unsafe actions in a row.
The full detailed chart. Condensed for print legibility in the book; shown here at full size.
Most AI governance is a PDF nobody enforces. The difference that matters at scale: does the control fail closed — refuse by default unless an action is provably allowed — and does it leave evidence?
Security Console · zero-trust checkready
What this means for you
At fleet scale, governance you have to remember to apply will fail. This fails closed by default and records every refusal — so the honest answer to "what stops it?" is "the architecture," with evidence attached. What this means for you: your agents can't quietly do something they shouldn't, because the system refuses by default and records every refusal — you're not relying on anyone staying vigilant.
Each refusal was recorded. Here's the receipt of the five denials:
Full step-by-step is in Appendix RX: Hands-On Demonstrations in the book.
ⓘDeterministic demonstration. The conversation is a faithful dramatization of the exercise; the receipt is the artifact it produces — the same every time, because the system is receipted. (Representative of the demo's structure; the production page renders the captured run.) No output here is fabricated. A live "run it yourself" mode is coming.