Risk Assessment

Suvadu automatically classifies every AI agent command by risk level — from Safe to Critical — so you can quickly identify potentially dangerous operations and audit agent behavior.

How It Works

Every command executed by an AI agent is analyzed against a set of pattern-matching rules that assess its potential impact. The classification happens automatically at recording time — no configuration needed. Risk levels are based on the command text and its arguments, considering factors like:

  • Whether the command can delete or overwrite data
  • Whether it modifies system configuration or permissions
  • Whether it installs software or dependencies
  • Whether it affects version control history
  • Whether it's a read-only operation

Risk Levels

Suvadu uses five risk levels. Each level has a visual indicator that appears in the Agent Dashboard, Agent Stats, and Agent Reports.

Level Indicator Description Examples
Critical !! Irreversible destructive operations that can cause catastrophic data loss or system damage rm -rf /, DROP TABLE, git push --force origin main
High !! Potentially dangerous operations that modify permissions, install software, or overwrite configuration chmod 777, npm install, pip install, config file overwrites
Medium ~ Operations that modify state and may be difficult to undo git reset, docker run, environment variable modifications
Low . Minor modifications that are generally safe and easy to undo File writes, git branch operations
Safe ok Read-only operations with no side effects git status, ls, cargo test, grep

Where Risk Levels Appear

Risk assessment data is surfaced throughout Suvadu's AI agent features:

  • Agent Dashboard — every command in the timeline shows its risk indicator. Press r to filter to Medium and above.
  • Agent Stats — each agent's analytics card includes a risk breakdown and a table of high-risk commands.
  • Agent Reports — every command in the report is annotated with its risk level, plus an aggregate risk summary.
  • Prompt Explorer — commands triggered by each prompt show their risk levels in the detail view.
  • MCP Server — the assess_risk tool lets AI agents check risk levels programmatically.

MCP Pre-Execution Risk Check

AI agents that connect to Suvadu's MCP server can call the assess_risk tool before executing a command to check its risk level. This enables a safety workflow where the agent:

  1. Receives a task that requires running a command
  2. Calls assess_risk with the command text
  3. Gets back the risk level and a description of the potential impact
  4. Decides whether to proceed, ask for confirmation, or choose a safer alternative

This is configured automatically when you run suv init claude-code or suv init cursor.

Filtering by Risk

To quickly focus on potentially dangerous agent activity:

  • In the Agent Dashboard, press r to toggle the risk-only filter, which hides Safe and Low commands and shows only Medium, High, and Critical.
  • In Agent Stats, the high-risk commands table shows only High and Critical commands.
  • In Agent Reports, scan the risk summary at the top for a quick count of commands at each level.
Note: Risk assessment is a heuristic based on command patterns. It provides a useful signal for auditing but is not a security boundary. Always review agent activity with your own judgment, especially for Critical and High risk commands.
Found an issue? Report it on GitHub Edit on GitHub