Bird
Raised Fist0
Agentic AIml~20 mins

Tool permission boundaries in Agentic AI - ML Experiment: Train & Evaluate

Choose your learning style10 modes available

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Experiment - Tool permission boundaries
Problem:You have an AI agent that can use multiple tools to complete tasks. Currently, the agent has full access to all tools without restrictions.
Current Metrics:Agent completes 95% of tasks but sometimes uses tools inappropriately, causing errors or security risks.
Issue:The agent lacks permission boundaries, leading to misuse of tools and potential unsafe actions.
Your Task
Implement permission boundaries so the agent only uses allowed tools for specific tasks, reducing errors and improving safety while maintaining at least 90% task completion accuracy.
You cannot remove any tools from the system.
You must keep the agent's ability to choose tools dynamically.
The solution must be implemented in the agent's decision logic.
Hint 1
Hint 2
Hint 3
Solution
Agentic AI
class Agent:
    def __init__(self):
        self.tools = {
            'search': self.search_tool,
            'calculator': self.calculator_tool,
            'file_access': self.file_access_tool
        }
        # Define permission boundaries: which tools can be used for which tasks
        self.permission_boundaries = {
            'data_query': ['search'],
            'math_problem': ['calculator'],
            'file_management': ['file_access']
        }

    def search_tool(self, query):
        return f"Searching for {query}"

    def calculator_tool(self, expression):
        try:
            result = eval(expression, {'__builtins__': {}})
            return f"Result: {result}"
        except Exception:
            return "Invalid expression"

    def file_access_tool(self, filename):
        # Dummy file access simulation
        return f"Accessing file {filename}"

    def can_use_tool(self, task, tool_name):
        allowed_tools = self.permission_boundaries.get(task, [])
        return tool_name in allowed_tools

    def perform_task(self, task, tool_name, input_data):
        if not self.can_use_tool(task, tool_name):
            # Log denied attempts
            print(f"Denied tool usage attempt: Tool '{tool_name}' not allowed for task '{task}'")
            return f"Permission denied: Tool '{tool_name}' not allowed for task '{task}'"
        tool_func = self.tools.get(tool_name)
        if not tool_func:
            return f"Tool '{tool_name}' not found"
        return tool_func(input_data)

# Example usage
agent = Agent()

# Allowed usage
output1 = agent.perform_task('data_query', 'search', 'weather today')
output2 = agent.perform_task('math_problem', 'calculator', '2 + 2 * 3')

# Disallowed usage
output3 = agent.perform_task('data_query', 'calculator', '2 + 2')
output4 = agent.perform_task('file_management', 'search', 'file.txt')

print(output1)  # Searching for weather today
print(output2)  # Result: 8
print(output3)  # Permission denied: Tool 'calculator' not allowed for task 'data_query'
print(output4)  # Permission denied: Tool 'search' not allowed for task 'file_management'
Defined permission boundaries mapping tasks to allowed tools.
Added can_use_tool method to check permissions before tool usage.
Modified perform_task to enforce permission checks and deny unauthorized tool usage.
Added logging for denied tool usage attempts.
Results Interpretation

Before: 95% task completion but frequent tool misuse causing errors and risks.
After: 92% task completion with strict permission boundaries, nearly zero misuse errors.

Setting clear permission boundaries helps AI agents use tools safely and appropriately, reducing errors while maintaining strong task performance.
Bonus Experiment
Now try implementing dynamic permission boundaries that adapt based on user roles or context.
💡 Hint
Use additional input parameters like user role or task context to adjust which tools are allowed at runtime.

Practice

(1/5)
1. What is the main purpose of tool permission boundaries in agentic AI systems?
easy
A. To limit what actions AI tools can perform
B. To increase the speed of AI computations
C. To improve the visual design of AI interfaces
D. To store large amounts of data efficiently

Solution

  1. Step 1: Understand the role of permission boundaries

    Permission boundaries restrict the actions AI tools can take to ensure safety and control.
  2. Step 2: Identify the main goal

    The main goal is to limit actions to prevent harmful or unauthorized behavior.
  3. Final Answer:

    To limit what actions AI tools can perform -> Option A
  4. Quick Check:

    Permission boundaries = limit actions [OK]
Hint: Permission boundaries control AI actions to keep systems safe [OK]
Common Mistakes:
  • Confusing permission boundaries with data storage
  • Thinking permission boundaries speed up AI
  • Assuming permission boundaries affect UI design
2. Which of the following is the correct way to define a permission boundary for an AI tool in pseudocode?
easy
A. permissions = 'full_access'
B. allow_actions = ['read', 'write', 'execute']
C. actions = ['all']
D. permission_boundary = { 'allowed': ['read', 'write'], 'denied': ['delete'] }

Solution

  1. Step 1: Identify correct permission boundary structure

    A permission boundary should clearly specify allowed and denied actions.
  2. Step 2: Compare options

    permission_boundary = { 'allowed': ['read', 'write'], 'denied': ['delete'] } explicitly defines allowed and denied actions, which fits permission boundary concept.
  3. Final Answer:

    permission_boundary = { 'allowed': ['read', 'write'], 'denied': ['delete'] } -> Option D
  4. Quick Check:

    Permission boundary = allowed and denied actions [OK]
Hint: Look for explicit allowed and denied lists in permission definitions [OK]
Common Mistakes:
  • Using vague permissions like 'all' or 'full_access'
  • Not specifying denied actions
  • Confusing action lists with permission boundaries
3. Given this pseudocode for an AI tool permission check:
def can_perform(action, permissions):
    return action in permissions['allowed'] and action not in permissions['denied']

permissions = {'allowed': ['read', 'write'], 'denied': ['delete']}
action = 'delete'
print(can_perform(action, permissions))

What will be the output?
medium
A. True
B. False
C. Error
D. None

Solution

  1. Step 1: Understand the function logic

    The function returns True only if action is in allowed and not in denied.
  2. Step 2: Check the action 'delete'

    'delete' is not in allowed but is in denied, so condition fails.
  3. Final Answer:

    False -> Option B
  4. Quick Check:

    Action denied = False output [OK]
Hint: Check if action is both allowed and not denied for True [OK]
Common Mistakes:
  • Ignoring denied list and returning True
  • Assuming 'delete' is allowed by default
  • Confusing function return values
4. Identify the error in this permission boundary check code:
def check_permission(action, permissions):
    if action in permissions['allowed'] or action not in permissions['denied']:
        return True
    else:
        return False

permissions = {'allowed': ['read'], 'denied': ['delete']}
print(check_permission('delete', permissions))
medium
A. Incorrect dictionary keys
B. Missing return statement
C. Using 'or' instead of 'and' in condition
D. Syntax error in function definition

Solution

  1. Step 1: Analyze the condition logic

    The condition uses 'or' which allows action if either allowed or not denied.
  2. Step 2: Understand correct logic for permission

    It should be 'and' to ensure action is allowed and not denied simultaneously.
  3. Final Answer:

    Using 'or' instead of 'and' in condition -> Option C
  4. Quick Check:

    Permission check needs 'and' not 'or' [OK]
Hint: Permission checks require 'and' to combine allowed and denied rules [OK]
Common Mistakes:
  • Using 'or' allowing denied actions
  • Confusing dictionary keys
  • Forgetting to return a value
5. You want to design a permission boundary for an AI tool that can read and write files but must never delete or modify system files. Which permission boundary setup below best enforces this?
hard
A. {'allowed': ['read', 'write'], 'denied': ['delete', 'modify_system_files']}
B. {'allowed': ['read', 'write', 'delete'], 'denied': ['modify_system_files']}
C. {'allowed': ['read'], 'denied': ['write', 'delete', 'modify_system_files']}
D. {'allowed': ['read', 'write', 'modify_system_files'], 'denied': ['delete']}

Solution

  1. Step 1: Identify required allowed actions

    The tool must be allowed to read and write files.
  2. Step 2: Identify denied actions

    It must never delete or modify system files, so these must be denied.
  3. Step 3: Match options to requirements

    {'allowed': ['read', 'write'], 'denied': ['delete', 'modify_system_files']} allows read and write, denies delete and modify_system_files, matching requirements exactly.
  4. Final Answer:

    {'allowed': ['read', 'write'], 'denied': ['delete', 'modify_system_files']} -> Option A
  5. Quick Check:

    Allowed read/write, denied delete/system modify = {'allowed': ['read', 'write'], 'denied': ['delete', 'modify_system_files']} [OK]
Hint: Match allowed and denied lists exactly to requirements [OK]
Common Mistakes:
  • Allowing delete when it should be denied
  • Denying write when it should be allowed
  • Missing deny for system file modifications