# The Defensible Agent: Hardening Enterprise AI Against Prompt Injection

> Source: <https://pub.towardsai.net/the-defensible-agent-hardening-enterprise-ai-against-prompt-injection-8584f208201c?source=rss----98111c9905da---4>
> Published: 2026-07-17 13:01:05+00:00

Member-only story

# The Defensible Agent: Hardening Enterprise AI Against Prompt Injection

## AI Engineer Interview Preparation

Click** **[ here](https://kawsar34.medium.com/list/ai-engineer-04bfb3bb2232) for the full AI Engineer Prep list.

**1. A company builds an AI operations agent that can restart services, update infrastructure, and read monitoring dashboards. Security engineers worry that a single prompt injection could trigger production changes. Which architecture best reduces the overall risk?**

(A) Improve the system prompt with stricter wording

(B) Enforce authorization before every tool execution

(C ) Increase the model’s context window

(D) Fine tune the model to reject risky requests

**Correct Answer: (B) Enforce authorization before every tool execution.**

Prompt instructions influence model behavior but cannot reliably stop unsafe actions. Every tool request should pass through an external authorization layer that validates whether the requested action, resource, and user permissions match security policies. Even if prompt injection succeeds, unauthorized tool calls are denied before reaching production systems. This creates a real security boundary outside the model and significantly limits damage from incorrect reasoning, malicious inputs, or unexpected model behavior…
