Every AI agent carries a unique risk profile shaped by what it can do, where it operates, and how it fails. We assess risk at the agent level — not the company level — because that's where the exposure actually lives.
An agent that drafts internal summaries and one that executes financial transactions may run on the same foundation model — but their risk profiles are worlds apart. What matters isn't the model; it's the instructions, tools, data access, and guardrails wrapped around it. Instructions become code, and code carries liability. That's why we underwrite at the agent level.
Accounts Payable Agent
Processes invoices, approves payments, manages vendor accounts
Logistics Agent
Routes shipments, dispatches carriers
Every AI agent carries a unique risk profile. We evaluate five critical dimensions to build a complete picture of how an agent behaves, what it can access, and how it fails. Our SDK plugs directly into agent platforms to inspect how each agent is built, configured, and constrained.
Beyond risk profiling, we check whether the agent follows the engineering practices that reduce the likelihood and severity of failures. To be considered eligible for coverage, a technical quality standard must first be met.
Permissioning
Least-privilege access controls scoped to each agent’s role — no blanket admin tokens, no over-provisioned service accounts.
Tool Safety
Validated tool schemas, sandboxed execution, and input/output filtering for every external call the agent makes.
Human-in-the-Loop
Defined escalation paths and approval gates for high-stakes actions — so humans stay in the loop where it matters.
Data Minimisation
Agents access only the data they need, for as long as they need it. No persistent caches of sensitive information.
Auditability
Structured logging of every decision, tool call, and state change — producing a defensible trail for incident review.
Model & Prompt Governance
Version-pinned models, reviewed system prompts, and change-management controls that prevent silent drift.
Output
These are the structured outputs we deliver to clients and insurance partners — a shared, precise view of agent risk that both technical teams and underwriters can act on.
Controls Score
A quantified score for how well the agent is built and operated — permissioning, guardrails, logging, and governance.
Risk Register
A structured register of risks tailored to the agent — what can go wrong, how likely it is, and what controls are in place.
Loss Model
What “bad events” look like in dollars, time, and legal exposure — modeled from the agent’s actual blast radius.
Insurability Recommendation
A dynamic recommendation that updates as the agent changes — covering eligibility, pricing, and conditions.
Agents change — new tools get added, prompts get rewritten, permissions expand. A point-in-time audit can't keep up. Our SDK continuously monitors how agents are configured and behaves, updating the risk score as the agent evolves. If risk drifts outside the insured envelope, we flag it before it becomes a claim.
Agent Risk Profile
Platforms & agent-building companies
Embed insurance-grade risk evaluation into your platform so every agent ships with a clear risk profile and insurability signal.
Enterprises deploying agents
Get a per-agent risk assessment tied to actual configuration — not a generic AI policy — so you can deploy with confidence and coverage.