Earlier this year, the National Institute of Standards and Technology (NIST), through its Center for AI Standards and Innovation (CAISI), issued a formal Request for Information (RFI) on the security of AI agent systems.

‍

The RFI focused specifically on autonomous AI systems capable of taking actions that affect real-world environments, including agents with tool access, memory, orchestration layers, and multi-agent capabilities.

‍

Virtue AI was among the organizations that submitted formal commentary to the process.

‍

That is a meaningful moment. Not just for Virtue AI, but for the broader evolution of agent security as a discipline.

‍

For years, most AI security conversations centered around models in isolation: hallucinations, bias, and unsafe outputs. But enterprise AI is rapidly shifting toward autonomous systems that can execute code, access APIs, interact with enterprise infrastructure, and make chained decisions across environments.

‍

The security conversation is changing accordingly.

‍

As NIST notes in the RFI itself, AI agent systems are capable of “planning and taking autonomous actions that impact real-world systems or environments” and may face risks including prompt injection, backdoor attacks, and specification gaming.

‍

That shift aligns closely with Virtue AI’s long-standing view that agents must be secured as complete systems, not simply moderated at the prompt layer.

‍

As Virtue AI noted in its submission, traditional software systems are “stateless, deterministic, and bounded,” while agentic systems are “stateful, probabilistic, and unbounded.”

‍

The response outlined how risks now extend across:

• tool use and API integrations
• persistent memory
• orchestration layers
• deployment environments
• multi-agent communication
• runtime behavior and delegated authority

The submission also emphasized how quickly the threat landscape is evolving, from early direct prompt injection attacks to newer risks involving indirect prompt injection, tool abuse, memory poisoning, and autonomous misuse.

‍

“The industry is moving from static AI models to autonomous systems that can reason, act, and interact with the real world,” Bo Li, CEO and Co-Founder of Virtue AI added a few weeks later. “That changes the security model entirely. We believe collaboration between industry, researchers, and government is essential to building secure foundations for the next generation of AI systems.”

‍

Importantly, the RFI is not regulation. It is a public consultation process designed to gather expertise from researchers, developers, enterprises, and security practitioners. But historically, NIST frameworks and technical guidance have significantly shaped cybersecurity best practices, enterprise adoption patterns, and future standards development.

‍

That makes participation important.

‍

The industry is still early in defining standards for autonomous AI systems. But one thing is increasingly clear across both government and enterprise: AI agents are becoming operational infrastructure.

‍

And operational infrastructure requires security, governance, and oversight built for the realities of autonomous behavior at scale.

‍

Virtue AI is proud to contribute to that conversation alongside researchers, industry leaders, and policymakers working to help shape the future of secure AI adoption.

‍