Beyond Static Sandboxing: Learned Capability Governance for Autonomous AI Agents

Computer Science > Cryptography and Security [Submitted on 12 Apr 2026] Beyond Static Sandboxing: Learned Capability Governance for Autonomous AI Agents Bronislav Sidik, Lior Rokach Autonomous AI agents built on open-source runtimes such as OpenClaw expose every available tool to every session by default, regardless of the task. A summarization task receives the same shell execution, subagent spawning, and credential access capabilities as a code deployment task, a 15x overprovision ratio that we call the capability overprovisioning problem. Existing defenses, including the NemoClaw container sandbox and the Cisco DefenseClaw skill scanner, address containment and threat detection but do not learn the minimum viable capability set for each task type. We present Aethelgard, a four layer adaptive governance framework that enforces least privilege for AI agents through a learned policy. Layer 1, the Capability Governor, dynamically scopes which tools the agent is aware of in each session. Layer 3, the Safety Router, intercepts tool calls before execution using a hybrid rule based and fine tuned classifier. Layer 2, the RL Learning Policy, trains a PPO policy on the accumulated audit log to learn the minimum viable skill set for each task type. Comments: 17 pages (9 content pages), 2 figures, 7 tables. Submitted to NeurIPS 2026 Agent Safety Workshop. Code and dataset available at this https URL Subjects: Cryptography and Security (cs.CR); Artificial Intelligence (cs.AI) ACM classes: I.2.6; D.4.6; K.4.2 Cite as: arXiv:2604.11839 [cs.CR]   (or arXiv:2604.11839v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2604.11839 Focus to learn more Submission history From: Bronislav Sidik [view email] [v1] Sun, 12 Apr 2026 13:10:56 UTC (20 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-04 Change to browse by: cs cs.AI References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)