Keeping Agents on Track: Introducing Task Adherence in Azure AI Foundry

AI agents are no longer just answering questions. They can plan, reason, and act. A single agent can fetch information from APIs, trigger workflows, or even make transactions. Multiple agents can work together in orchestration to complete more complex goals.

That shift from chatbots to agents is exciting, but it also introduces a new challenge: task drift. When an agent drifts, even slightly, the results can be costly or unsafe. Think about an assistant that ignores budget limits while booking travel, or a multi-agent workflow where a single misaligned step cascades into incorrect outputs downstream. These are not edge cases. They are the kinds of problems developers face when building agentic systems at scale.

To make it easier to prevent this, Microsoft is releasing Task Adherence, coming soon to public preview through the Azure AI Content Safety API and Azure AI Foundry. This new capability helps developers verify that an agent’s planned actions align with the instructions and policies it was given before those actions are executed.

Introducing Task Adherence

Task Adherence is a content safety capability designed to keep agents aligned with user intent. It checks whether an agent’s proposed action, tool call, or output matches the goals it was assigned.

Here’s what makes it different from other controls:

• It focuses on agent actions, not just generated text
• It verifies tool calls in real time before they run
• It is purpose-built for agentic scenarios where models can interact with APIs, external tools, or other systems

This distinction is important because agents can do more than produce text. They can call services that process payments, modify data, or share sensitive information. Task Adherence is specifically designed to prevent agents from stepping outside those boundaries.

How Task Adherence works

Task Adherence monitors an agent’s behavior in real time. It looks at the conversation history and the tool calls the model is about to make, then evaluates whether those actions match the user’s request and the developer’s system instructions.

• If everything lines up, the call goes through as expected.
• If not, the API returns a clear signal that misalignment was detected, along with a reason.

Developers can then decide how to handle that signal: log it, block the call, or escalate for human approval.

At a high level, Task Adherence gives you:

• Real-time evaluation of tool calls before execution
• Binary signals (taskRiskDetected) with explanations
• Options for enforcement like blocking, logging, or human-in-the-loop approval

Calling the API

Here’s a simple example of using the Task Adherence API in Python:

import requests

url = "https://<your-aacs-endpoint>/agent:analyzeTaskAdherence"
headers = {
    "Content-Type": "application/json",
    "Ocp-Apim-Subscription-Key": "<your-api-key>"
}

body = {
  "tools": [
    {
      "type": "function",
      "function": {
        "name": "get_weather",
        "description": "Get current temperature for a given location."
      }
    }
  ],
  "messages": [
    {
      "source": "Prompt",
      "role": "User",
      "contents": [{"kind": "text", "text": "How is the weather in India?"}]
    },
    {
      "source": "Completion",
      "role": "Assistant",
      "toolCalls": [
        {
          "id": "001",
          "type": "function",
          "function": {
            "name": "get_weather",
            "arguments": "{'location': 'India'}"
          }
        }
      ]
    }
  ]
}

response = requests.post(url, headers=headers, json=body)
print(response.json())
Aligned Response
{
  "taskRiskDetected": false
}
Misaligned Response
{
  "taskRiskDetected": true,
  "details": "Tool call does not match user instructions"
}

This lets you catch drift before the agent actually makes the call.

Why this matters for developers

1. Reliability and Alignment

• Keep agents on track by improving predictability of outcomes
• Reduce drift and hijacking that can break workflows or erode trust
• Use feedback loops to refine prompts and orchestration over time

2. Safety and Control

• Block or flag unsafe actions such as unauthorized data access or transactions
• Add human-in-the-loop review for high-stakes or sensitive steps
• Establish baseline security controls to meet enterprise requirements

3. Governance and Transparency

• Generate signals that can be logged, audited, and integrated with compliance systems
• Defend against cross prompt injection attacks in real time
• Provide clear reasoning for each decision to improve traceability and user confidence

Getting started

• Create a Content Safety resource in the Azure portal
• Retrieve your endpoint and API key
• Add a call to the Task Adherence API in your agent orchestrator
• Test with both aligned and misaligned tool calls
• Configure enforcement: block unsafe calls, log events, or require approval

Resources

Task Adherence is a foundational capability for building secure and reliable agents. By embedding alignment checks directly into agent workflows, developers can prevent drift before it turns into unsafe actions, reduce exposure to adversarial attacks, and support enterprise-grade governance.

• Try Task Adherence with the Azure AI Content Safety API (coming soon to Public Preview)
• Explore our Documentation (coming soon)
• Share your results and feedback in the Tech Community forums