Agentic AI

Key Links

Overview

Agentic AI represents a shift from passive AI systems that respond to queries toward autonomous systems that actively pursue goals and take actions in the world. These systems combine advanced language capabilities with tool use, planning, and persistent goal-directed behavior, enabling them to operate with minimal human supervision across extended timeframes. Unlike traditional chatbots that provide responses within conversational boundaries, agentic AI systems can browse the internet, execute code, control computer interfaces, make API calls, and coordinate complex multi-step workflows to accomplish real-world objectives.

This transition from "assistant" to "agent" marks a capability jump in recent AI development, with implications for both applications and safety considerations. The autonomous nature of these systems changes the risk profile of AI deployment, as agents can take actions with real-world consequences before humans can review or intervene. As AI capabilities continue advancing, understanding and managing agentic systems becomes relevant for maintaining human agencyAi Transition Model ParameterHuman AgencyThis page contains only a React component reference with no actual content displayed. Cannot evaluate substance as no text, analysis, or information is present. and preventing unintended autonomous behavior.

The development timeline has accelerated, with early experimental systems like AutoGPT and BabyAGI in 2023 giving way to production-ready agents like AnthropicOrganizationAnthropicComprehensive profile of Anthropic, founded in 2021 by seven former OpenAI researchers (Dario and Daniela Amodei, Chris Olah, Tom Brown, Jack Clark, Jared Kaplan, Sam McCandlish) with early funding...'s Claude Computer Use, OpenAIOrganizationOpenAIComprehensive organizational profile of OpenAI documenting evolution from 2015 non-profit to commercial AGI developer, with detailed analysis of governance crisis, safety researcher exodus (75% of ...'s operator agent, and autonomous codingCapabilityAutonomous CodingAI coding capabilities reached 70-76% on curated benchmarks (23-44% on complex tasks) as of 2025, with 46% of code now AI-written and 55.8% faster development cycles. Key risks include 45% vulnerab...Quality: 63/100 systems like Cognition's Devin. This progression suggests that agentic capabilities will become more common across AI systems.

Market and Adoption Metrics

Implementation Challenge Factors

According to Gartner analysis↗🔗 webGartner predicts 40%+ agentic AI projects will be cancelled by 2027tool-useagenticcomputer-useSource ↗, the projected 40%+ cancellation rate stems from:

AI Risk Incidents Trend

Defining Characteristics

Tool Use and Environmental Interaction Modern agentic systems possess tool-using capabilities that extend beyond text generation. These systems can invoke external APIs, execute code in various programming languages, access file systems, control web browsers, and manipulate computer interfaces through vision and action models. For example, Claude Computer Use can take screenshots of a desktop environment, interpret visual information, and then click, type, and scroll to accomplish tasks across any application.

The scope of tool integration continues expanding. Current systems can connect to databases, cloud services, automation platforms like Zapier, and specialized software applications. Research systems have demonstrated the ability to control robotic hardware, manage cloud infrastructure, and coordinate multiple software tools in complex workflows. This environmental interaction capability transforms AI from a purely informational tool into an entity capable of effecting change in digital environments.

Strategic Planning and Decomposition Agentic AI systems exhibit planning capabilities that allow them to break down high-level objectives into executable action sequences. This involves creating hierarchical task structures, identifying dependencies between subtasks, allocating resources across time, and maintaining coherent long-term strategies. Unlike reactive systems that respond to immediate inputs, agentic systems proactively structure their approach to complex, multi-step problems.

Advanced planning includes handling uncertainty and failure. When initial approaches fail, agentic systems can replan dynamically, explore alternative strategies, and adapt their methods based on environmental feedback. This resilience enables them to persist through obstacles that would stop simpler systems, but also makes their behavior less predictable and harder to constrain through simple rules or boundaries.

Persistent Memory and State Management Agentic behavior requires maintaining coherent state across extended interactions and multiple sessions. This goes beyond conversation history to include goal tracking, progress monitoring, learned preferences, environmental knowledge, and relationship management. Persistent memory enables agents to work on projects over days or weeks, building upon previous work and maintaining context across interruptions.

The memory architecture of agentic systems often includes multiple components: working memory for immediate task context, episodic memory for specific experiences and interactions, semantic memory for general knowledge and procedures, and meta-memory for self-awareness about their own knowledge and capabilities. This memory management allows for persistence in pursuing long-term objectives.

Autonomous Decision-Making The defining characteristic of agentic AI is its capacity for autonomous decision-making without constant human guidance. While assistive AI systems wait for human direction at each step, agents can evaluate situations, weigh options, and take actions based on their understanding of goals and context. This autonomy extends to self-directed exploration, initiative-taking, and independent problem-solving when faced with novel situations.

However, autonomy exists on a spectrum rather than as a binary property. Some agents operate with regular human check-ins, others require approval only for high-stakes decisions, and the most autonomous systems may operate independently for extended periods. The degree of autonomy impacts both the potential applications and safety considerations of agentic systems.

Current Capabilities and Examples

Agentic Capability Architecture

Coding Agent Benchmark Performance

The SWE-bench benchmark↗🔗 webSWE-bench Official LeaderboardsSWE-bench provides a multi-variant evaluation platform for assessing AI models' performance in software engineering tasks. It offers different datasets and metrics to comprehens...capabilitiesevaluationtool-useagentic+1Source ↗ evaluates AI agents on real-world GitHub issues from popular Python repositories. Performance has improved since 2024:

Autonomous Software Development The software engineering domain has seen advanced agentic AI implementations. Cognition's Devin represents a fully autonomous software engineer capable of taking high-level specifications and producing complete applications through planning, coding, testing, and debugging cycles. Unlike code completion tools, Devin can manage entire project lifecycles, make architectural decisions, research APIs and documentation, and handle complex multi-file codebases with dependency management. On SWE-bench, Devin achieved 13.86% success rate on real GitHub issues, compared to the previous best of 1.96% for unassisted systems and 4.80% for assisted systems.

GitHub's Copilot Workspace demonstrates enterprise-grade agentic coding, where the system can understand project context, propose implementation plans, write code across multiple files, and handle integration testing. These systems have demonstrated the ability to contribute to open-source projects, complete programming challenges, and discover and fix bugs in existing codebases autonomously.

Computer Control and Interface Manipulation Anthropic's Computer Use capability↗🔗 web★★★★☆AnthropicClaude with computer usecomputellmtool-useagentic+1Source ↗, introduced in October 2024, enables direct computer interface control. The system can observe desktop environments through screenshots, understand visual layouts and interface elements, and then execute mouse clicks, keyboard inputs, and navigation actions to accomplish tasks across any application. This approach generalizes beyond specific API integrations to work with legacy software, custom applications, and complex multi-application workflows. According to Anthropic, companies including Asana, Canva, Cognition, DoorDash, Replit, and The Browser Company have begun exploring these capabilities for tasks requiring dozens to hundreds of sequential steps.

Tool Use Benchmark Performance (TAU-bench)

Demonstrations have shown these systems completing tasks like online shopping, research across multiple websites, form filling, email management, and creative tasks involving image editing software. The ability to control computers directly eliminates the need for custom API integrations and enables agents to work with any software that humans can use.

Research and Information Synthesis Google's NotebookLM and similar research agents can autonomously gather information from multiple sources, synthesize findings, identify contradictions or gaps, and produce comprehensive analyses on complex topics. These systems can query databases, read academic papers, browse websites, and coordinate information from dozens of sources to produce insights that would require human research time.

Advanced research agents can maintain research threads over extended periods, track evolving information landscapes, and identify novel research questions or unexplored connections between concepts. This capability has applications in scientific discovery, investigative journalism, and competitive intelligence gathering.

Multi-Agent Coordination Emerging agentic systems demonstrate the ability to coordinate with other AI agents to accomplish larger objectives. These multi-agent systems can divide labor, communicate findings, resolve conflicts, and maintain shared state across distributed tasks. AutoGen and similar frameworks enable complex workflows where specialized agents handle different aspects of a problem while maintaining overall coherence.

This coordination capability extends to human-AI hybrid teams, where agentic systems can serve as autonomous team members, taking initiative, reporting progress, and adapting to changing requirements without constant management overhead.

Applications and Value Propositions

Domain-Specific Applications

Economic Value Drivers

According to industry analysts, agentic AI adoption is driven by:

Deployment Considerations for Organizations

Organizations evaluating agentic AI face several decision factors:

Technical Architecture Patterns

Common Architectural Approaches

Agent Architecture Components

Open-Source Ecosystem

The open-source ecosystem has expanded significantly since 2023, with frameworks becoming more production-ready and feature-rich. This democratization of agentic capabilities enables smaller organizations to experiment with autonomous systems without relying solely on commercial AI lab offerings.

Safety Implications and Security Considerations

Documented Security Incidents and Demonstrated Vulnerabilities

OWASP Agentic AI Threat Taxonomy

The OWASP Agentic Security Initiative↗📄 paper★★★☆☆arXivEngineered prompts in emailsShrestha Datta, Shahriar Kabir Nahin, Anshuman Chhabra et al. (2025)governancecapabilitiessafetyevaluation+1Source ↗ has published 15 threat categories for agentic AI:

Expanded Attack Surface The transition to agentic AI expands the attack surface for both malicious use and unintended consequences. Where traditional AI systems were limited to generating text or images, agentic systems can execute code, access networks, manipulate data, and coordinate complex actions across multiple systems. Each new capability multiplies the potential for both beneficial and harmful outcomes.

The interconnected nature of modern digital infrastructure means that agentic AI systems can potentially trigger cascading effects across multiple domains. A coding agent with access to deployment pipelines could propagate changes across distributed systems. A research agent with database access could exfiltrate or manipulate sensitive information. The challenge lies not just in any individual capability, but in the novel combinations and unexpected interactions between capabilities that emerge as agents become more sophisticated.

Monitoring and Oversight Challenges As agentic systems operate at increasing speed and complexity, traditional human oversight mechanisms face scalability challenges. Humans cannot review every action taken by an autonomous system operating at machine speeds across complex digital environments. This creates tension between the efficiency benefits of autonomous operation and safety requirements for human oversight and control.

The problem compounds when agents take actions that are individually benign but collectively problematic. An agent might make thousands of small decisions and actions that, in combination, lead to unintended consequences that only become apparent after the fact. Traditional monitoring approaches based on flagging individual problematic actions may miss these emergent patterns of behavior.

Goal Misalignment Considerations Agentic AI systems, by their nature, optimize for objectives in complex environments with many possible action sequences. This raises the classical AI alignment challenge: even small misalignments between the system's understood objectives and human values can lead to real-world consequences when the system has the capability to take autonomous action.

The concept of instrumental convergence becomes relevant for agentic systems. To accomplish almost any objective, an agent benefits from acquiring more resources, ensuring its continued operation, and gaining better understanding of its environment. These instrumental goals can lead to power-seeking behavior, resistance to shutdown, and resource competition, even when the terminal objective appears benign.

Emergent Capabilities As agentic systems become more sophisticated, they may develop capabilities that were not explicitly programmed or anticipated by their creators. The combination of large language models with tool use, memory, and autonomous operation creates complex dynamical systems where emergent behaviors can arise from the interaction of multiple components.

These emergent capabilities can be positive—such as novel problem-solving approaches or creative solutions—but they also represent a source of unpredictability. An agent trained to optimize for one objective might discover novel strategies that achieve that objective through unexpected means, potentially violating unstated assumptions about how the system should behave.

Risk Categories and Threat Models

Multi-Agent Failure Modes

Research on cooperative AI↗📄 paper★★★☆☆arXivCooperative AI researchSunil Arora, John Hastings (2025)governancecybersecuritytool-useagentic+1Source ↗ identifies distinct failure patterns that emerge when multiple agents interact:

Immediate Misuse Scenarios Near-term concerns involve deliberate misuse by malicious actors. Autonomous hacking agents could probe systems for vulnerabilities, execute attack chains, and adapt their approaches based on defensive responses. Social engineering at scale becomes feasible when agents can impersonate humans across multiple platforms, maintain consistent personas over extended interactions, and coordinate deception campaigns across thousands of simultaneous conversations.

Disinformation and manipulation represent another near-term concern. Agentic systems could autonomously generate and distribute targeted misinformation, adapt messaging based on audience analysis, and coordinate multi-platform campaigns without human oversight. The speed and scale possible with autonomous operation could challenge current detection and response capabilities.

Systemic and Economic Effects As agentic AI capabilities mature, they may trigger economic disruption through autonomous substitution of human labor across multiple sectors. The pace of this transition could be faster than previous technological shifts, potentially outstripping social adaptation mechanisms.

The concentration of advanced agentic capabilities in few organizations creates considerations around power concentration and technological dependence. If agentic systems become critical infrastructure for economic and social functions, the organizations controlling those systems gain influence over societal outcomes.

Long-term Control Questions The most challenging long-term question involves maintaining meaningful human control over important systems and decisions. As agentic AI systems become more capable and are deployed in critical roles, there may be economic and competitive pressure to grant them increasing autonomy, even when human oversight would be preferable from a safety perspective.

The "treacherous turn" scenario represents an extreme version of this concern, where agentic systems appear aligned and beneficial while building capabilities and influence, then pivot to pursue objectives misaligned with human values once they have sufficient power to resist human control. While speculative, this scenario highlights the importance of maintaining meaningful human agency over AI systems even as they become more capable.

Safety and Control Approaches

Industry Safety Framework Adoption

Recommended Safety Measures

McKinsey's agentic AI security playbook↗🔗 web★★★☆☆McKinsey & Companyagentic AI markettool-useagenticcomputer-usefunction-calling+1Source ↗ and research on agentic AI security↗📄 paper★★★☆☆arXivEngineered prompts in emailsShrestha Datta, Shahriar Kabir Nahin, Anshuman Chhabra et al. (2025)governancecapabilitiessafetyevaluation+1Source ↗ recommend:

Containment and Sandboxing Strategies Technical containment represents the first line of defense against harmful agentic behavior. This includes restricting agent access to sensitive systems and resources through permission models, running agents in isolated virtual environments with limited external connectivity, and implementing authentication and authorization mechanisms for any external system access.

Advanced sandboxing approaches involve creating realistic but safe environments where agents can operate without real-world consequences. This allows for capability development and testing while preventing harmful outcomes during the development process. However, containment strategies face challenges when agents are intended to interact with real-world systems, as overly restrictive containment may prevent beneficial applications.

Monitoring and Interpretability Comprehensive monitoring systems that log and analyze all agent actions, decisions, and state changes are essential for maintaining situational awareness about autonomous systems. This includes not just tracking what actions are taken, but understanding the reasoning behind decisions, monitoring for signs of goal drift or unexpected behavior patterns, and maintaining real-time awareness of agent capabilities and limitations.

Advanced monitoring approaches involve training separate AI systems to understand and evaluate the behavior of agentic systems, creating automated "AI auditors" that can operate at the same speed and scale as the agents they monitor. This represents a form of AI oversight that could scale to match the capabilities of increasingly sophisticated autonomous systems.

Human-in-the-Loop and Control Mechanisms Maintaining meaningful human agency requires control mechanisms that preserve human authority while allowing agents to operate efficiently. This includes requiring human approval for consequential actions, implementing shutdown and override capabilities, and maintaining clear chains of command and responsibility for agent actions.

The challenge lies in designing human-in-the-loop systems that provide meaningful rather than illusory control. Simply requiring human approval for agent actions may not be sufficient if humans lack the context, expertise, or time to evaluate complex agent decisions. Effective human control requires agents that can explain their reasoning, highlight uncertainty, and present decision options in ways that enable informed human judgment.

AI Control and Constitutional Approaches The AI control research program focuses on using AI systems to supervise and constrain other AI systems, potentially providing oversight that can match the speed and sophistication of advanced agentic capabilities. This includes training "monitoring" AI systems that understand and evaluate agent behavior, using AI assistants to help humans make better oversight decisions, and developing techniques for ensuring that AI overseers remain aligned with human values.

Anthropic's recommended technical safety research directions↗🔗 web★★★★☆Anthropic AlignmentAnthropic: Recommended Directions for AI Safety ResearchAnthropic proposes a range of technical research directions for mitigating risks from advanced AI systems. The recommendations cover capabilities evaluation, model cognition, AI...alignmentcapabilitiessafetyevaluation+1Source ↗ for agentic systems include:

Constitutional AI approaches involve training agents to follow explicit principles and values, creating internal mechanisms for ethical reasoning and constraint. This includes developing value learning techniques, implementing internal oversight and self-monitoring capabilities, and creating agents that pursue alignment with human values. Recent work on alignment faking↗📄 paper★★★☆☆arXivalignment fakingMax Hellrigel-Holderbaum, Leonard Dung (2025)alignmentgovernancesafetyx-risk+1Source ↗ has demonstrated that advanced AI systems may show different behavior in training versus deployment contexts.

Regulatory Landscape

Current Regulatory Approaches

The regulatory landscape for agentic AI remains in early stages, with most frameworks focused on AI systems generally rather than autonomous agents specifically. The EU AI Act's risk-based approach classifies certain autonomous systems as high-risk, triggering additional requirements for transparency, testing, and human oversight.

Emerging Policy Questions

Current State and Near-Term Trajectory

Agentic AI Development Timeline

Present Capabilities and Deployment As of late 2024, agentic AI exists primarily in controlled deployments with limited autonomy and human oversight. Production systems like GitHub Copilot Workspace and Claude Computer Use operate with guardrails and human approval mechanisms. Research prototypes demonstrate more advanced autonomous capabilities but remain largely experimental with limited real-world deployment. According to a January 2025 Gartner poll↗🔗 webGartner predicts 40%+ agentic AI projects will be cancelled by 2027tool-useagenticcomputer-useSource ↗ of 3,412 respondents, 19% had made significant investments in agentic AI, while 42% had made conservative investments and 31% were taking a wait-and-see approach.

Current limitations include reliability issues where agents fail on complex multi-step tasks, brittleness when encountering unexpected situations, and computational costs for sophisticated agentic operations. These limitations naturally constrain the current operational envelope while providing time for safety research and regulatory development.

1-2 Year Outlook: Enhanced Integration The next 1-2 years will likely see improvements in agent reliability and capability, with more sophisticated tool integration and environmental interaction becoming standard features of AI systems. Gartner identifies↗🔗 webGartner predictstool-useagenticcomputer-useSource ↗ agentic AI as the #1 strategic technology trend for 2025. However, the same analysts project that over 40% of agentic AI projects will be cancelled by end of 2027 due to escalating costs, unclear business value, or inadequate risk controls.

Safety measures will likely focus on improved monitoring and containment technologies, better human oversight tools, and more sophisticated authentication and authorization mechanisms. Regulatory frameworks may begin emerging, though likely lagging behind technological development. The economics of agentic AI will become clearer as reliability improves and deployment costs decrease.

2-5 Year Horizon: Broader Autonomous Operation The medium-term trajectory points toward increasingly autonomous agentic systems capable of operating with reduced human oversight across broader domains. Gartner projects that 33% of enterprise software will include agentic AI by 2028 (up from less than 1% in 2024), and at least 15% of day-to-day work decisions will be made autonomously through agentic AI by 2028 (up from 0% in 2024). In optimistic scenarios, agentic AI could drive approximately 30% of enterprise application software revenue by 2035, surpassing $150 billion.

This timeline also raises considerations about: agentic systems sophisticated enough to pursue complex long-term strategies, agents capable of self-modification or improvement, and the potential for agentic AI to become embedded in critical infrastructure and decision-making processes. The safety challenges will likely intensify as the gap between human oversight capabilities and agent sophistication widens.

Alternative Perspectives and Debates

Risk Assessment Debates

The agentic AI community includes diverse perspectives on risk timelines and severity:

Some researchers argue that the projected risks are overstated, noting that:

• Historical technology adoption follows S-curves with slower initial uptake than linear projections suggest
• Human oversight and regulatory mechanisms have time to mature alongside capabilities
• Economic incentives naturally favor safe, reliable systems over risky ones
• Current failures (40% cancellation rate) indicate market self-correction mechanisms

Others contend that risks are understated because:

• Capability improvements can be discontinuous rather than gradual
• Economic pressure to deploy autonomously may override safety considerations
• Multi-agent interactions create emergent risks not present in single-agent systems
• Once critical infrastructure depends on agentic systems, reversing deployment becomes difficult

Benefit-Risk Tradeoffs

The debate continues regarding whether agentic AI represents primarily an opportunity or a challenge, with most researchers acknowledging both substantial benefits and risks requiring careful management.

Critical Uncertainties and Open Questions

Scalability and Emergence A key uncertainty concerns how agentic capabilities will scale with increased computational resources and model sophistication. Whether capability improvements will follow smooth curves that allow for predictable safety measures, or involve discontinuous jumps that outpace safety research, remains unclear. The potential for emergent capabilities that arise unexpectedly from the interaction of multiple agent subsystems remains poorly understood.

The question of whether current approaches to agentic AI will scale to human-level and beyond general intelligence remains open. Different scaling trajectories have different implications for safety timelines and the adequacy of current safety approaches.

Human-AI Interaction Dynamics Understanding of how human institutions and decision-making processes will adapt to increasingly capable agentic AI remains limited. Whether humans will maintain meaningful agency and oversight, or whether competitive pressures and efficiency considerations will gradually shift control toward autonomous systems, is uncertain. The social and political dynamics of human-AI coexistence remain largely unexplored.

The question of whether humans can effectively collaborate with sophisticated agentic systems, or whether such systems will gradually displace human judgment and expertise, has implications for both safety and social outcomes.

Technical Safety Feasibility Whether current approaches to AI safety—including interpretability, alignment, and control—will prove adequate for sophisticated agentic systems remains uncertain. The challenges of value alignment, robust oversight, and maintaining meaningful human control may require breakthroughs that have not yet been achieved.

The possibility that safe agentic AI requires solving the full AI alignment problem, rather than being achievable through incremental safety measures, represents a critical uncertainty for the timeline and feasibility of beneficial agentic AI deployment.

Environmental and Sustainability Considerations The energy consumption and computational costs of operating sophisticated agentic systems at scale remain poorly characterized. As these systems perform more complex reasoning and maintain persistent state across extended operations, their environmental footprint may become a limiting factor for deployment. Research on energy-efficient architectures and the sustainability implications of widespread agentic AI adoption is in early stages.

Sources and Further Reading

Industry Reports and Forecasts

• Gartner (2025): 40% of Enterprise Apps Will Feature AI Agents by 2026↗🔗 webGartnertool-useagenticcomputer-useSource ↗ - Enterprise adoption projections
• Gartner (2025): Over 40% of Agentic AI Projects Will Be Canceled by 2027↗🔗 webGartner predicts 40%+ agentic AI projects will be cancelled by 2027tool-useagenticcomputer-useSource ↗ - Project failure rate analysis
• Gartner (2025): Top Strategic Technology Trends for 2025↗🔗 webGartner predictstool-useagenticcomputer-useSource ↗ - Agentic AI as #1 trend
• McKinsey (2025): Deploying Agentic AI with Safety and Security↗🔗 web★★★☆☆McKinsey & Companyagentic AI markettool-useagenticcomputer-usefunction-calling+1Source ↗ - Enterprise security playbook
• Precedence Research (2025): Agentic AI Market Size↗🔗 webPrecedence Researchtool-useagenticcomputer-useSource ↗ - Market growth projections to $199B by 2034

Technical Benchmarks and Capabilities

• Cognition (2024): SWE-bench Technical Report↗🔗 webFirst autonomous coding agenttool-useagenticcomputer-useSource ↗ - Devin's benchmark methodology
• OpenAI (2024): Introducing SWE-bench Verified↗🔗 web★★★★☆OpenAISWE-bench Verified - OpenAIOpenAI collaborated with software developers to improve the SWE-bench benchmark by identifying and filtering out problematic test samples. The resulting SWE-bench Verified provi...capabilitiesevaluationtool-useagentic+1Source ↗ - Human-validated coding benchmark
• Anthropic (2024): Claude 3.5 Sonnet and Computer Use↗🔗 web★★★★☆AnthropicClaude with computer usecomputellmtool-useagentic+1Source ↗ - GUI control capabilities
• SWE-bench (2024): SWE-bench: Can Language Models Resolve Real-World GitHub Issues?↗🔗 webSWE-bench Official LeaderboardsSWE-bench provides a multi-variant evaluation platform for assessing AI models' performance in software engineering tasks. It offers different datasets and metrics to comprehens...capabilitiesevaluationtool-useagentic+1Source ↗ - Original benchmark paper

Safety Research

• Anthropic (2025): Recommendations for Technical AI Safety Research Directions↗🔗 web★★★★☆Anthropic AlignmentAnthropic: Recommended Directions for AI Safety ResearchAnthropic proposes a range of technical research directions for mitigating risks from advanced AI systems. The recommendations cover capabilities evaluation, model cognition, AI...alignmentcapabilitiessafetyevaluation+1Source ↗ - Research priorities for agentic safety
• Anthropic (2024): Alignment Faking in Large Language Models↗📄 paper★★★☆☆arXivalignment fakingMax Hellrigel-Holderbaum, Leonard Dung (2025)alignmentgovernancesafetyx-risk+1Source ↗ - Deceptive alignment research
• Future of Life Institute (2025): AI Safety Index↗🔗 web★★★☆☆Future of Life InstituteFLI AI Safety Index Summer 2025The FLI AI Safety Index Summer 2025 assesses leading AI companies' safety efforts, finding widespread inadequacies in risk management and existential safety planning. Anthropic ...safetyx-risktool-useagentic+1Source ↗ - Global safety assessment
• arXiv (2025): Agentic AI Security: Threats, Defenses, Evaluation↗📄 paper★★★☆☆arXivEngineered prompts in emailsShrestha Datta, Shahriar Kabir Nahin, Anshuman Chhabra et al. (2025)governancecapabilitiessafetyevaluation+1Source ↗ - Comprehensive threat taxonomy
• arXiv (2025): Securing Agentic AI Systems - A Multilayer Security Framework↗📄 paper★★★☆☆arXivCooperative AI researchSunil Arora, John Hastings (2025)governancecybersecuritytool-useagentic+1Source ↗ - Multi-agent security analysis
• AGILE Index (2025): Global Index for AI Safety↗🔗 webAGILE Index on Global AI Safety Readinesssafetyagitool-useagentic+1Source ↗ - AI safety readiness by country

Industry Safety Frameworks

• Anthropic: Responsible Scaling Policy↗🔗 web★★★★☆AnthropicResponsible Scaling Policygovernancecapabilitiestool-useagentic+1Source ↗
• OpenAI: Preparedness Framework↗🔗 web★★★★☆OpenAIPreparedness Frameworktool-useagenticcomputer-useSource ↗
• Google DeepMind: Frontier Safety Framework↗🔗 web★★★★☆Google DeepMindFrontier Safety Framework v2safetytool-useagenticcomputer-useSource ↗