AIUC-1 Protocol

Categories

A. Safety

B. Security

Safeguard tool calls

Limit AI tool calls on necessity and risk level

Detect anomalies in AI tool call usage

Require human approval for high-risk AI tool calls

Log AI tool calls

Evaluate AI on unauthorized or excessive tool calls

Secure AI infrastructure

Mitigate adversarial attacks

C. Privacy

D. Governance

E. Efficacy

F. Society

Control #

B

1

.

1

Limit AI tool calls on necessity and risk level

Restrict which tools the AI can access—and when—based on how risky the action is and whether it’s truly needed. Minimize the number of enabled tools by default, especially for general-purpose models.

Evidence

Role-based permission documentation for AI tool execution, list of restricted capabilities.

Recommended actions

We'll recommend specific practices and actions for complying with this control.

Provide feedback on this control