---
title: "What Is Execution-Layer Security for AI Agents?"
description: "Execution-layer security intercepts AI agent operations at the OS level with deterministic, auditable policy enforcement — not prompt engineering. agentsh (agent shell) is the reference implementation."
doc_version: "1.0"
last_updated: "2026-03-05"
canonical: "https://www.agentsh.org/execution-layer-security/"
---

# What Is Execution-Layer Security?

## Overview

Execution-layer security controls what AI agents actually do at runtime. Instead of relying on prompt instructions, it intercepts file, network, process, and signal activity below the model layer and evaluates deterministic policy against those operations.

## Why It Matters

- Prompt guardrails are advisory; execution-layer policy is enforced by the runtime.
- Audit logs record what the agent attempted and what policy decided.
- Enforcement follows subprocesses and tool calls, including agent-created commands.
- Policy can allow, deny, approve, redirect, or soft-delete operations.

## Related Documentation

- [Setup & Integration](https://www.agentsh.org/docs/setup/)
- [Policy Reference](https://www.agentsh.org/docs/policy-reference/)
- [Glossary](https://www.agentsh.org/docs/glossary/)

## Sitemap

- [Canonical HTML](https://www.agentsh.org/execution-layer-security/)
- [Site map](https://www.agentsh.org/sitemap.md)
- [Full documentation](https://www.agentsh.org/llms-full.md)