← back home

Steer or Kill: Advanced Strategies for Managing Misbehaving AI in Production

February 21, 2026
Ai Management Production Ai Ai Misbehavior Steer Vs Kill Ai Correction Llm Control Semantic Drift Tool Invocation Corrective Prompts Ai Safety
View original discussion on Hacker News

Managing AI workloads in production requires robust strategies for when agents or LLM-backed systems deviate from expected behavior. While observability tools provide insights into issues like runaway spend, latency spikes, or prompt loops, the immediate challenge lies in implementing effective shutdown or correction mechanisms. This often goes beyond manual interventions like feature flags or API key revocations, delving into more sophisticated, automated control.

The "Steer vs. Kill" Philosophy

A key insight in managing AI misbehavior is to differentiate between scenarios that require immediate termination ("kill") and those where an agent can be guided back to alignment ("steer"). The "kill" mechanism is reserved for critical situations: when an agent has already made an irreversible call, written bad data, or poses a significant safety risk. In these cases, hard rules, such as token limits, tool allowlists, or banned actions, should trigger an immediate block, stopping the agent without attempting correction.

Conversely, many AI failures are not safety-critical but rather instances of the agent losing context or drifting semantically mid-task. For these situations, a "steer" approach can significantly improve task success rates.

Implementing a Two-Layer Policy for Correction

Effective AI control often relies on a two-layer policy:

  1. Hard Rules: These define immediate boundaries. Exceeding token limits, attempting disallowed tool calls, or executing explicitly banned actions should result in an instant stop. There's no steering here; the action is blocked outright.
  2. Soft Rules: These are designed for more nuanced deviations. A lightweight evaluator model continuously scores each step or action against the original task intent. If this model detects "semantic drift" – where the agent's actions begin to stray from its goal – over consecutive steps, a corrective prompt is injected.

Granular Correction at the Tool Invocation Level

A critical finding for effective steering is the granularity of evaluation. While one might consider evaluating at coarser units like plan nodes or full steps, drift can compound rapidly. By the time a full step completes, an agent might have already chained several undesirable calls. The most effective control loop binds the evaluator to the tool invocation level.

Each time the agent proposes or emits a tool call, the evaluator assesses it. This assessment considers the original task intent and a rolling window of recent tool results to determine if the agent is still on track. This tight loop allows for rapid intervention.

Balancing Latency and Coverage with Sampling

Implementing tool-level evaluation introduces a performance overhead, potentially adding hundreds of milliseconds (e.g., ~200ms) of latency per invocation. For hot paths or latency-sensitive workflows, a pragmatic approach is to use sampling. This might involve evaluating every third tool call, or only when there are significant changes in the tool category being used. This strategy balances the need for comprehensive oversight with maintaining acceptable system performance.

Crafting Effective Corrective Prompts

Generic prompts like "stay on track" are often ineffective. For steering to work, the corrective prompt must be highly targeted. It needs to reference the original goal of the task and specifically highlight what aspect of the agent's behavior has drifted. This precise feedback helps the agent re-contextualize and self-correct efficiently.

Get the most insightful discussions and trending stories delivered to your inbox, every Wednesday.