AI controls

Apply the right action at the right time.

AI controls are pre-boundary enforcement for the final question in the flow: What should happen now? Teams can allow, warn, or block by default, and allow, warn, block, or review when policy requires escalation before a prompt, upload, or tool action crosses policy.

What should happen now?

Controls turn visibility into action so teams can keep low-risk work moving, intervene before sensitive context leaves, and stop interactions that do not fit policy.

Phase 1

Activity is understood

3LS sees what the interaction is for and whether sensitive content is involved.

Phase 2

Context is considered

Teams can weigh business purpose, sensitivity, and risk before deciding what should happen next.

Phase 3

A control is chosen

Allow, warn, or block based on the interaction instead of applying the same response to everything.

Phase 4

The decision is visible

Operators can see what action was taken and why.

Allow

Keep safe work moving

Routine drafting, coding, and research can continue when the interaction fits expected usage and does not carry sensitive risk.

Outcome: Less friction for normal work

Warn

Slow down interactions that deserve a second look

When intent or sensitivity raises concern, teams can introduce a warning and guide people toward safer handling.

Outcome: Better operator judgment

Block

Stop interactions that cross the line

Prevent sharing or processing that does not fit organizational guardrails, and leave a clear record of the decision.

Outcome: Consistent control outcomes

From the blog

Control Patterns and Failure Modes

Research on the moments where AI control actually matters: enforcement, approval fatigue, containment, and tool-level policy.