Free Starter Kit artifact

The Beginner’s AI Agent Safety Checklist

Before you connect an AI agent to your email, files, browser, tools, or business workflows, use this checklist to decide what it can read, what it can do, and where it must stop for approval.

The checklist

Answer these before you delegate.

If you cannot answer a question yet, that does not mean “never use an agent.” It means “add more guardrails first.”

1. What can the agent read?

I know exactly which documents, tabs, messages, or files the agent can access.
I removed passwords, API keys, private financial data, medical data, and confidential work data.
I know whether this tool is allowed for work or client information.

2. What can the agent do?

The agent is limited to safe actions like researching, summarizing, sorting, comparing, or drafting.
It does not have broad permissions “just in case.”
I know which tools it can use: browser, email, docs, calendar, files, automations, or payment tools.

3. Where must it ask first?

Before sending messages or emails.
Before publishing content or contacting customers, coworkers, vendors, or clients.
Before spending money, deleting files, overwriting work, or changing important systems.

4. What is the worst mistake it could make?

I know whether a mistake would be merely annoying, embarrassing, expensive, privacy-risky, or business-critical.
The workflow has a safe stopping point.
I have a way to undo, ignore, or recover from bad output.

5. Can you check its work easily?

I know what a good result looks like.
Important claims need sources, links, or visible evidence.
The agent should mark uncertainty instead of pretending to know.

6. Is this a good beginner task?

The task is small, repeated, and easy to review.
The first version can be draft-only or read-only.
The agent knows what not to do.

Score it

Choose the safest next step.

Safe starter task

The task is low-risk, easy to verify, and the agent only researches, summarizes, sorts, compares, or drafts.

Needs more guardrails

The task might be useful, but you need clearer access limits, approval points, sources, or rollback steps first.

Not beginner-safe yet

The task touches money, deletion, publishing, customers, private data, or important systems without enough human approval.

Copy and adapt

Safe starter instruction

Use this when you want an agent to help, but you do not want it acting without approval.

You are helping me with a draft-first workflow. Your goal is to [goal]. Use this context: [context]. You may use [tools/information]. Do not send, publish, spend, delete, contact anyone, or change important systems without asking me first. If you are uncertain, say so. Your final output should be [format]. I will verify the result by [verification method].
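
The ask-first rules from sections 2 and 3 can also be enforced in the code that runs the agent's tool calls, so a stop for approval does not depend on the agent following the instruction above. This is an added example, not part of the original checklist; the `Gate` class, `run_plan` function, and the tool and action names are hypothetical.

```python
"""Approval gate for agent tool calls (illustrative; all names are assumptions)."""
from dataclasses import dataclass, field

# Section 2: safe actions the agent may take on its own.
SAFE = {"research", "summarize", "sort", "compare", "draft"}
# Section 3: actions that must stop for human approval.
ASK_FIRST = {"send", "publish", "contact", "spend", "delete", "overwrite", "change_system"}


@dataclass
class Gate:
    allowed_tools: set                      # tools granted for this task only
    audit: list = field(default_factory=list)

    def check(self, tool, action, approved_by=None):
        """Return 'allow', 'needs_approval' or 'deny' for one proposed call."""
        if tool not in self.allowed_tools:
            verdict = "deny"                # no broad permissions "just in case"
        elif action in SAFE:
            verdict = "allow"
        elif action in ASK_FIRST:
            # Approval is recorded per call and supplied by the human, not the agent.
            verdict = "allow" if approved_by else "needs_approval"
        else:
            verdict = "deny"                # unknown action: default deny
        self.audit.append((tool, action, approved_by, verdict))
        return verdict


def run_plan(gate, plan):
    """Walk a proposed plan and report the step where it must stop, if any."""
    done = []
    for tool, action in plan:
        verdict = gate.check(tool, action)
        if verdict != "allow":
            return done, (tool, action, verdict)   # the safe stopping point
        done.append((tool, action))
    return done, None


if __name__ == "__main__":
    gate = Gate(allowed_tools={"docs", "email"})
    # Constructed sample plan: the agent drafts a reply, then tries to send it.
    plan = [("docs", "summarize"), ("email", "draft"), ("email", "send")]
    print(run_plan(gate, plan))
    print(gate.audit)
```

The audit list gives you the record needed for section 5: every proposed call, who approved it, and what the gate decided.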