Meta
guidelineactive

Agents Rule of Two: A Practical Approach to AI Agent Security

Meta

View original resource

Meta's heuristic constraining agents to at most two of: processing untrusted inputs, accessing sensitive systems, and taking unconfirmed actions. Frames the rule as a practical bound on blast radius until prompt-injection defences mature.

Tags

agentic AIsecurity

At a glance

Published

2025

Jurisdiction

Global

Category

Security and safeguards

Access

Public access

More in Security and safeguards

Secure AI Framework (SAIF) 2.0: Focus on Agents

Google • 2025

Google's Approach for Secure AI Agents

Christoph Kern, Kara Olive (Google) • 2025

Securing Agentic AI: An Addendum to the Guidelines and Companion Guide on Securing AI Systems

Cyber Security Agency of Singapore • 2025

Related resources

Practices for governing agentic AI systems: OpenAI's seven safety principles

Governance frameworks • OpenAI

OWASP Top 10 for LLM Applications

Risk taxonomies • OWASP

NIST Adversarial Machine Learning Taxonomy

Risk taxonomies • NIST

Build your AI governance program

VerifyWise helps you implement AI governance frameworks, track compliance, and manage risk across your AI systems.

Explore the libraryStart free trial
Agents Rule of Two: A Practical Approach to AI Agent Security | VerifyWise AI Governance Library