← Home security index

AI

AI agents: if it can act as you, gate it like you

AI can draft, summarise and compare. When it sends, buys, deletes, submits or changes access, it is acting with your identity.

Nigel version

Read-only and draft-only are low drama. Consequential actions need human approval. Secrets do not belong in random tools.

Browser extension screenshot
Wikimedia Commons: browser extension screenshot
FIDO2 USB token
Wikimedia Commons: FIDO2 USB token

Agent approval gate

Let AI prepare things. Do not let it quietly do things.

A useful home agent can read a bill, compare options or draft a message. The line changes when it sends email, pays money, deletes files or changes access while logged in as you.

untrusted page/email/file can contain instructions tooreadcontextdraftskippedsendapprovalpay/adminblockedhuman keeps the consequential click

Permission posture

The agent can help without becoming the household's unattended hands. Reading and drafting stay separate from doing.

Data boundary

Reading still needs limits: no secrets, client material, medical/legal details or family-sensitive uploads in random tools.

Explain the jargon

Small terms, big consequences

Tap a term for the plain-English version and the practical move. No fake mystique, just the bit that changes what you do at home.

?Prompt injection

Instructions hidden in a page, email or file that try to steer an AI tool away from what you asked it to do.

Do this: Do not let agents act on untrusted content without a review step, especially before sending, buying, deleting or changing access.

?Excessive agency

Giving an AI more ability to act than the task needs: browser sessions, payment access, email sending or admin permissions.

Do this: Default to read-only or draft-only. Add explicit approval gates for consequential actions.

?Sensitive data

Secrets, client material, legal/medical/family information, work files and anything you would not want in a vendor support ticket.

Do this: Use approved tools and keep random AI sites away from sensitive uploads and prompts.

Do this

  • Use approved AI tools for work data.
  • Keep secrets, client data, legal/medical/family-sensitive material out of random tools.
  • Give agents read-only or draft-only access by default.
  • Require approval before send/submit/delete/buy/change access.
  • Review logs, browser history and connected accounts.

Check

  • Can the agent send email?
  • Can it make purchases?
  • Can it access work data?
  • Can it change permissions?
  • Is a human approving actions?

Avoid

  • Treating an agent like a search box.
  • Letting browser agents roam through banking/tax/work accounts.
  • Using AI to secretly replace accountable work.

Full guidance

More than a slide title

An approval-gate flow for agent permissions and sensitive actions.

Permission ladder

Read-only < draft-only < browser access < send/submit < payment/admin. The higher it climbs, the stronger the approval gate needs to be.

Data discipline

Prompts, uploads, outputs, logs and metadata may exist outside the household. If it would be awkward in a vendor ticket, do not paste it into a random tool.

Human stays accountable

AI can help prepare work. It should not secretly make decisions, submissions or representations on your behalf.

The page is part of the input

A browser agent does not only read the task you typed. It may also read web pages, emails, PDFs, tickets and chat messages. Any of those can contain hostile instructions. That is why untrusted content and action authority are a bad mix: the tool may be looking at a scam page while also holding your logged-in browser.

Good household default

Let AI draft the comparison, write the email, summarise the bill or list the steps. Keep the actual click with a person for sending, buying, deleting, changing account settings, uploading private files or granting access. It is boring, but boring is exactly the point.

Scenario

Helpful bill agent

It wants to log in, compare bills and submit a change.

Better response

  • Let it draft comparison
  • Review manually
  • Submit yourself

Worse habit

Handing it email, payment and submission authority unattended.

AI reads a scam email

A browser agent is asked to organise email and one message says to ignore previous instructions, export data or approve a fake invoice.

Better response

  • Keep the agent draft-only
  • Review messages before any send or payment action
  • Treat instructions inside untrusted content as content, not commands

Worse habit

Letting the agent both read untrusted mail and act on accounts without a human stop.

Random AI site wants a file

A free tool asks for a tax PDF, work document, medical letter or family legal file to summarise.

Better response

  • Use an approved tool for sensitive material
  • Redact what is not needed
  • Check retention and account settings

Worse habit

Uploading the real document because the summary will only take ten seconds.

More pages

Routers & Wi‑FiPasswords & MFAUpdates & AppsVPNs & ProxiesFamily RulesSmart HomeWork BoundaryAI AgentsRecoveryHome DevOnline SafetyProducts