AI Agents: Who Checks When They Delete?

AI agents can now act on your product. Who controls their actions? Duct implements an enforcement system with approval tokens.

11 jul 2026 • 4 min read • Q2BSTUDIO Team

Permissions for AI Agents: Beyond if/else

The advent of AI agents is transforming the way companies interact with their systems. There are no longer just people in front of a screen clicking; There are now autonomous processes that execute chain actions, query databases, modify records, and, yes, also delete information. Faced with this reality, a key question arises: who checks when an AI agent decides to delete a file, cancel a subscription or delete a user? The answer, in most production environments, is unsettling: no one, or just superficial validation.

Traditional access control models—RBAC, SSO, audit trails—were designed for humans acting at human speed, one action at a time. But AI agents work in bursts, chain operations, and often hold the same session for hours without direct supervision. This breaks all basic security assumptions. A simple if/else in a route controller is no longer enough when we need to pause a destructive action to get human approval before proceeding, revoking access for a particular agent without affecting the rest, or then demonstrating exactly what happened and why it was allowed. Filling this gap requires a more sophisticated approach, based on stock manifests and a dual token model: one of general delegation and one of approval by sensitive action. This type of architecture allows an agent to operate smoothly in 95% of cases, but operations such as deletions, refunds, or permission changes require a human checkpoint with irrefutable evidence of consent.

At Q2BSTUDIO, as a software and technology development company, we understand that the integration of AI agents into business flows cannot be done without a robust control layer. That's why we offer AI solutions for enterprises that include granular authorization mechanisms, full traceability, and the ability to incorporate human monitoring at critical points. In addition, we design custom applications where the permission logic is defined in a single manifest, avoiding the dispersion of rules in the code. Not only does this simplify maintenance, but it allows you to version what an agent can do without needing to redeploy the entire application.

The most interesting technical challenge appears when the agent tries to evade human validation. For example, if an agent with navigation tools or desktop control receives an approval URL, they could forward it, but the actual proof of consent—a cookie tied to the human session—is only generated when the person actually loads that page. A purely API agent, no matter how clever it is, can't fake that step. That distinction between forwarding a link and completing an approval is the key to the design. However, there is an edge scenario that no token technology solves: a completely anonymous product, with no human identity or KYC at any point in the chain. In that case, only deterministic policy limits remain. Knowing where the line is is better than pretending it doesn't exist.

Cybersecurity in this new paradigm requires rethinking auditing systems. It is not enough to record which endpoint was called; You have to record what action was executed, which token authorized it, and who (human or machine) gave the final go-ahead. The cybersecurity solutions we implement include log forensics and real-time monitoring, which allows anomalous patterns in agent behavior to be detected. In addition, we support companies in migrating their infrastructures to AWS and Azure cloud services, where scalability and security are managed through native policies, combined with custom authorization layers.

Business intelligence also plays a relevant role. Agent action logs can feed dashboards in power bi for product and security managers to visualize in real-time which agents are acting, how often, and whether they require human intervention. These dashboards, integrated with alert systems, allow you to respond to mass deletion attempts or suspicious behavior before they cause irreversible damage.

In short, the initial question – who checks when agents delete – does not have a single answer, but it does have a clear technical path: separate general authorization from specific approval, define a manifest of actions as the only source of truth, and design human checkpoint mechanisms that are resistant to impersonation by AI itself. At Q2BSTUDIO we work every day to enable companies to embrace artificial intelligence without sacrificing control. Whether through process automation or tailor-made software, our goal is to advance innovation accompanied by the best possible security.

A BREAK?

Play for a moment before you go

OUR SERVICES

How we can help you

Artificial intelligence

AI agents, chatbots, and intelligent assistants that automate tasks and serve your customers 24/7 to improve the efficiency of your business.

More info

Software Development

Web, mobile, and desktop applications, intranets, e-commerce, SaaS, and management platforms designed for your company's specific needs.

More info

Cloud services

Migration, infrastructure, managed hosting, high availability, and security on Microsoft Azure and Amazon Web Services to help your business scale without limits.

More info

Cybersecurity and pentesting

Security audits, penetration testing and protection of applications, data and infrastructure on-premise and cloud, with ethical hacking and regulatory compliance.

More info

Business Intelligence

Dashboards and data analysis with Power BI: we integrate your sources, design dashboards and KPIs and turn your data into decisions.

More info

Process automation

We automate repetitive tasks and connect your applications with n8n, Power Automate, Make, and RPA, eliminating manual work and increasing productivity.

More info

Training for Companies

We train your teams in technology with criteria: web development, databases, Git, best practices and security, automation with n8n, artificial intelligence for companies and creation of AI solutions with Azure AI Foundry.

More info

Code Auditing

We audit the code that you, your team or an AI create: we tell you what is good and what to improve, we secure it and make it ready for production, web or app.

More info

AI Image Generation

We create for you the images that your business needs with artificial intelligence: product, networks, advertising, illustration and avatars. You tell us what you want and we deliver it ready to use.

More info

AI Video Generation

We create videos with artificial intelligence for you: promotional, networking, virtual presenters, dubbing and animations. You tell us the idea and we will deliver it assembled and ready to publish.

More info

AI Conversational Avatars

We create conversational avatars with AI – digital humans with a face and voice – that serve your customers and teams with the knowledge of your company, on your website, interactive monitors, WhatsApp or Teams.

More info

Online Marketing and AI

Google Ads, Meta Ads, LinkedIn Ads and AI Engine Positioning (GEO/AEO): we attract customers and make your brand appear where they search for you, also on ChatGPT, Gemini and Perplexity.

More info

Do you have a project in mind?

Tell us your vision and we'll turn it into a software solution. Whatever the scope, we make your idea real.