AI agents are fast, loose and out of control


AI agents, autonomous programs that can take actions online or inside workflows, are being deployed with minimal safety guardrails or transparency. A team of researchers reviewed public documentation for 30 widely used AI agents, including tools like ChatGPT Agent, Claude Code, and Microsoft Copilot, and found that most provide little or no information about how they were tested for safety or how they behave beyond high-level capability descriptions.

One of the starkest findings is how few systems document basic safety disclosures or monitoring controls. Only a small fraction of the agents studied have published formal safety evaluations or third-party testing results, and many offer no clear way to track activity or halt autonomous actions mid-run. For example, several agents lack granular shutdown options, meaning that if an autonomous process goes sideways, teams may have to stop all agent activity rather than remedying a single rogue instance.

The study also highlights how little agents disclose about their identity when interacting with external systems. Most do not clearly signal to websites or users that they are automated programs rather than humans, often using browser-like identifiers that make it nearly impossible to distinguish between bot traffic and real people. This “invisibility” raises risks for both web infrastructure and organizations relying on agents for business processes, as unchecked automation can interact with external services without accountability.

Researchers warn that the rapid growth of agentic AI — capable of planning and executing multi-step tasks autonomously — has outpaced efforts to establish shared standards, transparency norms, or oversight protocols. As AI agents become more powerful and embedded in enterprises and on the open web, these gaps in governance and safety disclosure could lead to unintended behavior, security vulnerabilities, and systemic risks unless developers adopt stronger monitoring, identity signalling, and clear safety reporting practices.

About the author

TOOLHUNT
