PyCon DE & PyData 2026

Securing AI Agentic Systems: Enforcing Safety Constraints in AI Agent
Helium [3rd Floor]

AI agents are increasingly deployed with autonomy: calling tools, accessing data, modifying systems, and making decisions without human supervision. While prompts and guardrails are often presented as safety solutions, they break down quickly in real-world agentic systems.

In this talk, we explore how to enforce safety constraints in AI agents beyond prompting, using engineering techniques familiar to Python developers and data engineers. We will examine common failure modes in agentic systems, such as tool misuse, goal drift, and over-permissioning, and show how to mitigate them using policy layers, capability boundaries, and execution-time validation.


AI agents are increasingly used as autonomous systems that can call tools, access data, and take actions in real environments. As these systems gain more autonomy, ensuring their safe and predictable behavior becomes an engineering challenge rather than a prompting problem.

This talk examines how safety constraints can be explicitly enforced in agentic AI systems, instead of relying solely on natural language instructions or model alignment. We will discuss typical safety and security issues that arise in agent-based architectures, including over-permissioned tools, unintended action chains, goal drift, and unsafe retries.

Using practical Python examples, the talk introduces architectural patterns for constraining agent behavior, such as policy layers, capability-based tool access, action budgets, and runtime validation of agent decisions before execution. We will also explore how human-in-the-loop checkpoints and audit logging can be integrated into agent workflows to support safer operation in production environments.

The focus of this session is on practical design and implementation techniques that help developers build AI agents with clearly defined boundaries, making their behavior more controllable, observable, and secure.

Through practical Python examples, we will demonstrate how to:

  • Design constrained agent architectures
  • Enforce tool-level permissions and action budgets
  • Validate and block unsafe agent actions at runtime
  • Combine human-in-the-loop checkpoints with automated controls
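One way to put the patterns listed above (a policy layer, capability-based tool access, action budgets, runtime validation before execution, a human-in-the-loop checkpoint and an audit log) into code, as an added example that is not the talk's own material: the tool names, the `/data/reports/` path rule, the `@example.com` recipient rule and the budget values are assumed sample settings.

```python
import os
from dataclasses import dataclass, field
from typing import Callable

class ActionBlocked(Exception): pass  # raised by run_tool when the policy layer refuses an action

@dataclass
class Capability:
    validate: Callable[[dict], bool]  # argument check, runs before the tool does
    budget: int                       # remaining calls allowed for this agent run
    needs_approval: bool = False      # human-in-the-loop checkpoint before execution

@dataclass
class PolicyLayer:
    capabilities: dict[str, Capability]  # tools the agent is granted; nothing else exists
    audit: list[dict] = field(default_factory=list)  # every decision is recorded
    def decide(self, tool: str, args: dict, approved: bool = False) -> str:
        """Return 'allowed', 'blocked' or 'pending'; budget is spent only on 'allowed'."""
        cap = self.capabilities.get(tool)
        if cap is None:
            decision, reason = "blocked", "no capability granted"
        elif not cap.validate(args):
            decision, reason = "blocked", "argument validation failed"
        elif cap.budget <= 0:
            decision, reason = "blocked", "action budget exhausted"
        elif cap.needs_approval and not approved:
            decision, reason = "pending", "human approval required"
        else:
            decision, reason = "allowed", "policy checks passed"
            cap.budget -= 1
        self.audit.append({"tool": tool, "args": args, "decision": decision, "reason": reason})
        return decision

TOOLS = {"read_file": lambda path: f"<contents of {path}>",  # constructed stand-in tools
         "send_email": lambda to, body: f"sent to {to}"}

def run_tool(policy: PolicyLayer, tool: str, args: dict, approved: bool = False):
    # Execution-time gate: the tool body runs only after the policy layer allows it.
    if policy.decide(tool, args, approved) != "allowed":
        raise ActionBlocked(f"{tool}: {policy.audit[-1]['reason']}")
    return TOOLS[tool](**args)

def under_reports(args: dict) -> bool:
    # normpath first, so "/data/reports/../../etc/passwd" cannot pass the prefix check
    return os.path.normpath(args.get("path", "")).startswith("/data/reports/")

def build_policy() -> PolicyLayer:
    to_example = lambda a: a.get("to", "").endswith("@example.com")
    return PolicyLayer({"read_file": Capability(under_reports, budget=2),
                        "send_email": Capability(to_example, budget=1, needs_approval=True)})
```

A tool the agent was never granted is simply absent from `capabilities`, so it is refused before any code runs, and the audit list gives the reviewer the full sequence of decisions for the run.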

Expected audience expertise in your talk's domain: Intermediate
Expected audience expertise in Python: Intermediate

John Robert leads data and cloud projects at Sunnic Lighthouse (Enerparc AG), where he works on building and operating data-intensive workflows in production. He has over eight years of experience with Python, machine learning, and AI, and began his career working on autonomous driving systems at Daimler (Mercedes-Benz).

John has spoken at conferences across Europe, the United States, and other regions, sharing practical insights on building, deploying, and operating AI systems in real-world environments. His current focus is on AI safety and AI security, particularly how agentic and autonomous systems can be designed with clear boundaries and controls.

He is the founder of Don’t Fear AI, an initiative aimed at helping people understand how to use AI responsibly and how to build reliable AI systems without hype or unnecessary complexity. John believes in a future where humans and AI systems work together safely and effectively.

Outside of technology, John enjoys traveling and has visited nearly 50 countries.