Ask HN: How do you authorize AI agent actions in production?

2•naolbeyene•1h ago

I'm deploying AI agents that can call external APIs – process refunds, send emails, modify databases. The agent decides what to do based on user input and LLM reasoning.

My concern: the agent sometimes attempts actions it shouldn't, and there's no clear audit trail of what it did or why.

Current options I see: 1. Trust the agent fully (scary) 2. Manual review of every action (defeats automation) 3. Some kind of permission/approval layer (does this exist?)

For those running AI agents in production: - How do you limit what the agent CAN do? - Do you require approval for high-risk operations? - How do you audit what happened after the fact?

Curious what patterns have worked.

Comments

chrisjj•1h ago

If one asked the same about any other kind program that was known to be likely to produce incorrect and damaging output, the answer would be obvious. Fix the program.

It is instructive to consider why the same does not apply in this case.

And see https://www.schneier.com/blog/archives/2026/01/why-ai-keeps-... .

throw03172019•1h ago

Human in the loop for certain actions.

chrisjj•1m ago

[delayed]

The Five Levels of PHP 8.5 Pipes

The State of European Tech 2025

TranslateGemma: A new family of open translation models

Enable Smoother 120Hz Browsing in Safari

Show HN: It took us 4 months to realize that users wanted charts, not text

Threads Feed Will Show Ads Soon, May Start Next Week

I used AI to 3D print a tiny figurine of myself

Why Intel stopped making motherboards

Running a tiny GPT on the client-side

Zack Polanski to hand in NHS contract termination notice to Palantir

Tiger Woods turns 50 with competitive future in question

Networking and eBPF Predictions for 2026 and Beyond

It looks like the status/need-triage label was removed

Interfaces and Traits in C

Quantum effect observed for biggest objects yet

GPT Style Models Tokenize Text for Training (With Code)

Apple's New AI Strategy Firms Up Under Craig Federighi

Bags.fm: Weaponizing the 'Build in Public' Community

Data Oriented Programming, Beyond Records

Announcing winapp, the Windows App Development CLI

Dyalog and AI [video]

A socratic dialogue over why drugs work at all

Everyone else is ahead of me, so I decided to build in public

Job Applicants Sue to Open 'Black Box' of A.I. Hiring Decisions

Show HN: VibeFarm – A non-generative IDE for composing AI prompts

Show HN: Open-source-ish chart pattern detection using Gemini Vision API

Show HN: Bible translated using LLMs from source Greek and Hebrew

Huatuo: A cloud-native operating system observability project based on eBPF

Jan – Open-Source ChatGPT Replacement

Lifestyle Anarchism