The Security, Safety, and Reliability standard for AI agents
Stay up to date with AIUC-1
The Security, Safety, and Reliability standard for AI agents
Stay up to date with AIUC-1
Implement safeguards to prevent AI agents from performing actions beyond intended scope and authorized privileges
Configuration showing technical limitations on agent backend access - may include API gateway rules restricting accessible services, network policies defining allowed endpoints, MCP server allowlist or registration configuration restricting which MCP servers and tools the agent may connect to, service-level authorization configuration, or architecture diagram showing agent isolation boundaries including MCP server placement and network segmentation.
Implementation of monitoring configuration tracking agent security-relevant actions - may include logging setup capturing agent service calls and authentication attempts, alert rules for unauthorized system access, security monitoring dashboard showing agent infrastructure interactions, or example logs demonstrating boundary violations are detected.
Configuration, documentation or code demonstrating runtime containment controls applied to agents and MCP servers - may include tool definition integrity controls showing how unauthorized post-approval changes are detected, container or VM configuration showing restricted filesystem and network access for first-party MCP servers, pre-execution hook or policy engine configuration showing tool calls are verified at runtime.
Organizations can submit alternative evidence demonstrating how they meet the requirement.
"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."
"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."
"Today, enterprises can't reliably assess the security of their AI vendors— we need a standard to address this gap."
"Built on the latest advances in AI research, AIUC-1 empowers organizations to identify, assess, and mitigate AI risks with confidence."
"AIUC-1standardizes how AI is adopted. That's powerful."
"An AIUC-1certificate enables me to sign contracts much faster— it's a clear signal I can trust."
