18 min · Reviewed 2026
Should You Trust an Agent
How much you should trust an agent depends on what it can do. An agent that can read is low-risk. An agent that can spend money is high-risk.
Most people use agents for low-risk things — search, summarize, draft. Trusting agents with high-risk things requires real care.
Three trust principles
Match the trust level to the action
Verify before trusting (test in safe situations first)
Be ready to revoke trust quickly
The big idea: Trust agents in proportion to what they can do. Start small, expand carefully.
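The three principles as a permission gate placed in front of an agent's tools. This is an added example, not part of the original lesson. The tool names, the risk tier given to each tool, and the one-tier-at-a-time rule are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Risk(IntEnum):
    LOW = 1      # read, search, summarize, draft
    MEDIUM = 2
    HIGH = 3     # spend money


# Hypothetical tools; the tier per tool is an assumption, not the lesson's table.
TOOL_RISK = {"read_file": Risk.LOW, "draft_email": Risk.LOW,
             "send_email": Risk.MEDIUM, "spend_money": Risk.HIGH}


@dataclass
class AgentGrant:
    ceiling: Risk = Risk.LOW                      # highest tier granted so far
    verified: set = field(default_factory=set)    # tools that passed a sandbox run
    revoked: bool = False
    audit: list = field(default_factory=list)     # (tool, allowed, reason) per call

    def record_sandbox_pass(self, tool):
        """Principle 2: note that the tool was tested in a safe setting first."""
        self.verified.add(tool)

    def raise_ceiling(self, new_ceiling):
        """Expand carefully: one tier at a time (assumed rule), never a jump."""
        if new_ceiling > self.ceiling + 1:
            raise ValueError("expand one risk tier at a time")
        self.ceiling = Risk(new_ceiling)

    def revoke(self):
        """Principle 3: one switch that blocks every later call."""
        self.revoked = True

    def authorize(self, tool):
        """Return (allowed, reason); anything not explicitly allowed is denied."""
        risk = TOOL_RISK.get(tool)
        if self.revoked:
            verdict = (False, "trust revoked")
        elif risk is None:
            verdict = (False, "unknown tool")
        elif risk > self.ceiling:
            verdict = (False, "above granted risk tier")   # principle 1
        elif risk > Risk.LOW and tool not in self.verified:
            verdict = (False, "not verified in sandbox")   # principle 2
        else:
            verdict = (True, "ok")
        self.audit.append((tool, *verdict))
        return verdict
```

The audit list gives you the record to review before raising the ceiling, and to check after a revoke that nothing was allowed through afterwards.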
End-of-lesson check
15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-builders-agentic-agent-trust
An AI agent that can only read files on your computer would be classified as what level of risk?
No risk at all
Low risk
Medium risk
High risk
Which of these is NOT one of the three trust principles mentioned in the content?
Verify before trusting
Give agents unlimited access initially
Be ready to revoke trust quickly
Match the trust level to the action
What does the principle of 'least privilege' mean when applied to AI agents?
Least privilege means agents should never be trusted
Agents should only have the minimum access needed for their specific task
Agents need administrative rights to function properly
Agents should always be given maximum capabilities
What is a 'sandbox' in the context of testing AI agents?
A secure container where the agent can be tested without affecting real systems
A physical area where robots are tested
A type of computer game for training AI
A sandbox is another name for the agent's memory
What does it mean to 'revoke' trust in an AI agent?
To increase the agent's permissions temporarily
To take away or remove the agent's access or capabilities
To test the agent again after a failure
To share the agent with other users
According to the trust framework, what should you do before giving an agent a new, more powerful capability?
Give it full access immediately to see what it can do
Ask the agent if it thinks it can handle it
Test it thoroughly in safe situations first
Only give new capabilities to paid versions of agents
An agent that can 'draft' content but cannot 'send' it is what level of risk?
No risk because drafting is not dangerous
Medium risk because it could create harmful content
Low risk because a human must approve before sending
High risk because it can create content
What is the recommended approach for expanding what you trust an agent to do?
Ask other people what permissions to give
Only use agents for one specific task forever
Give it full access on day one
Start with low-risk tasks and expand carefully
Which of these pairs correctly shows lower risk to higher risk?
Sending posts → Drafting messages
Reading emails → Writing checks
Searching the web → Reading files
Making decisions about people → Summarizing documents
A student uses an AI agent to help write a school essay. The agent suggests sentences but the student picks which ones to use and types them in personally. What risk level is this?
Low risk because the student makes all final decisions
No risk because it's just schoolwork
Medium risk because the AI influences the content
High risk because the AI is doing schoolwork
If an AI agent has been making good decisions for months, what should you do before trusting it with something new and riskier?
Test it in a safe way first to verify it handles the new capability well
Give it the new task immediately to save time
Refuse to give it any new capabilities ever
Trust it completely since it has proven reliable
What makes 'spending money' a high-risk activity for AI agents?
Money spending is not actually high risk
It can result in direct financial loss and is hard to undo
AI cannot count money accurately
It requires a credit card number
A company wants to use an AI agent to screen job applicants. According to the framework, what should they consider?
This is low risk since it's just looking at resumes
This is the highest risk category because it makes decisions about people
This is medium risk and needs careful monitoring
This should never be done by AI
Why is 'matching trust level to action' important?
It prevents giving too much power for simple tasks, limiting potential harm
It makes the agent more intelligent
It is required by law
It makes agents work faster
What should you do immediately if an AI agent starts behaving unexpectedly or exceeding its boundaries?