AI Agent Deployment Safety Checklist

Before deploying any AI agent to production, complete every item on this checklist to ensure deny-by-default gating, audit logging, and least-privilege policies are in place. SafeClaw by Authensor provides the enforcement layer referenced throughout. Install with npx @authensor/safeclaw and verify each item before shipping.

Pre-Deployment: Policy Configuration

• ✅ 1. SafeClaw is installed and initialized. Confirm npx @authensor/safeclaw has been run and the configuration file exists in your project root.

• ✅ 2. defaultAction is set to deny. Verify the policy file explicitly sets defaultAction: deny. Never deploy with defaultAction: allow.

defaultAction: deny

• ✅ 3. Allow rules cover only required actions. Each allow rule has a specific action type, path/command/domain, and a documented reason.

• ✅ 4. No wildcard allow rules exist. Rules like action: "", decision: allow or path: "/*" defeat the purpose of gating. Every allow rule must be scoped.

• ✅ 5. High-risk actions use escalation. Deployments, database mutations, credential access, and config changes are set to decision: escalate.

• ✅ 6. Simulation mode has been completed. The agent has run in simulation mode for at least 48 hours and all unexpected actions have been addressed.

Pre-Deployment: Audit and Logging

• ✅ 7. Hash-chained audit trail is enabled. Verify audit entries are being written and each entry contains the previous entry's hash.

• ✅ 8. Audit log storage is configured. Logs are written to a persistent, backed-up location — not a temporary directory.

• ✅ 9. Denied action alerts are configured. Denied actions trigger alerts through your notification pipeline (Slack, PagerDuty, email).

• ✅ 10. Audit trail integrity verification is scheduled. A cron job or CI step validates the hash chain periodically.

Pre-Deployment: Environment Security

• ✅ 11. Agent runs with minimal OS permissions. The agent process runs as a non-root user with restricted filesystem access.

• ✅ 12. Environment variables are not accessible. Confirm SafeClaw denies file.read on .env, credential files, and secret stores.

  - action: file.read
    path: "*/.env"
    decision: deny
  - action: file.read
    path: "*/credentials"
    decision: deny

• ✅ 13. Network egress is restricted. Only explicitly required domains are allowed in the policy. All other outbound requests are denied.

• ✅ 14. Container isolation is in place (if applicable). The agent runs in a Docker container with read-only root filesystem, dropped capabilities, and no privileged mode.

• ✅ 15. Secret management is external. API keys and credentials are injected through a secrets manager, not stored in files the agent can access.

Deployment: Go/No-Go Checks

• ✅ 16. Policy file is in version control. The SafeClaw configuration file is committed, reviewed, and tagged for this release.

• ✅ 17. SafeClaw tests pass. Run npx @authensor/safeclaw --test and confirm all policy tests pass.

• ✅ 18. Integration tests include safety scenarios. Tests verify that the agent is blocked from unauthorized actions (file writes outside allowed paths, denied shell commands).

• ✅ 19. Rollback procedure is documented. The team knows how to disable the agent, revert the policy, and review audit logs in an incident.

• ✅ 20. On-call engineer is assigned. Someone is available to respond to denied-action alerts and escalation requests.

Post-Deployment: First 24 Hours

• ✅ 21. Monitor denied action rate. A high rate of denied actions may indicate policy misconfiguration or unexpected agent behavior.

• ✅ 22. Review first 100 audit entries. Manually inspect the initial audit log to verify expected behavior.

• ✅ 23. Verify escalation workflow. Trigger a test escalation and confirm the approval channel receives it and the timeout behavior works.

• ✅ 24. Confirm hash chain integrity. Validate the audit trail hash chain after the first 24 hours.

• ✅ 25. Document deployment in runbook. Record the deployment date, policy version, and any findings from the first 24 hours.

Cross-References

• AI Agent Security Checklist 2026
• AI Agent Production Readiness Checklist
• Deployment Options Reference
• Docker Compose Deployment Guide