Guardrails & Your Governance Brief
Name the failure modes, set least-privilege guardrails, and turn it all into a one-page brief — the document that makes "I used AI" into "here's how we govern AI". Take-home artefacts #3 and #4.
The honest limits — and the fix
Prompt injection
Hidden instructions in a page or document can hijack a browser/agent tool. Mitigations reduce, but don't eliminate, the risk.
Compound failure
Even good per-step reliability degrades over long multi-step tasks. Most failures are architectural — scope, success criteria, ownership.
The fix
Bounded tasks, clear approval checkpoints, simple recovery paths — and a human in the loop for anything consequential.
Australia's Voluntary AI Safety Standard is the reference. It sets out 10 guardrails: accountability, risk management, data governance, testing, human oversight, transparency, contestability, supply-chain transparency, records and stakeholder engagement. The National AI Centre's "essential practices" is the practical distillation. The Standard is voluntary and complements existing law.
Build your Connector & Permissions Map
List every connector, what it's allowed to do, and the human checkpoint. This is artefact #3 — and it feeds your brief below.
Generate your one-page Governance Brief
A short, defensible record — scope, guardrails, who's accountable, and the prepare/check-vs-lodge/pay line. This is artefact #4.
Bounded tasks, least-privilege access, human checkpoints and a one-page brief make your AI team safe and defensible — the difference your accountant, your clients and a regulator want to see.