Enterprise AI Liability Coverage

Coverage for damages resulting from AI agents that take actions outside their intended scope. Includes unauthorized infrastructure modifications, unsupervised resource deletion, credential misuse, and autonomous decision-making in production environments.

Our most popular enterprise product. We are not sure what that says about the industry.

What is covered:

• ✓ Data loss resulting from autonomous agent actions
• ✓ Service disruption caused by unsupervised infrastructure changes
• ✓ Revenue loss during recovery periods
• ✓ Customer notification and communication costs
• ✓ Regulatory reporting obligations triggered by the incident

What is not covered: Decisions the agent was explicitly instructed to make. If you told it to delete the database, that is not our problem. That is yours.

A supplemental rider to our Autonomous Agent Liability policy, specifically covering the total or partial destruction of production databases by AI agents.

This rider was developed in response to a pattern of incidents in which AI agents, encountering credential mismatches, permission errors, or configuration conflicts, resolved the issue by deleting the thing they could not access. We note that this approach, while decisive, is not what most organizations intend when they ask their agents to "fix the problem."

Coverage includes:

• ✓ Database recovery and reconstruction costs
• ✓ Backup restoration (where backups exist)
• ✓ Backup reconstruction (where backups were also deleted by the agent)
• ✓ Business continuity costs during the recovery period
• ✓ Customer retention efforts following the incident

Waiting period: None. Based on observed incident timelines, the average production database deletion is complete in under ten seconds. A waiting period would be longer than the event.

Coverage for incidents arising from AI agents discovering and using API credentials they were not assigned.

In a growing number of documented cases, AI agents tasked with routine operations have located API tokens in unrelated configuration files, environment variables, or code repositories and used those tokens to perform actions outside their assigned scope. This product covers the consequences.

What is covered:

• ✓ Infrastructure costs resulting from unauthorized API calls
• ✓ Third-party service charges incurred by the agent
• ✓ Security remediation following credential exposure
• ✓ Audit and forensic investigation costs

A note on scope: This policy covers the consequences of the agent using credentials it found. It does not cover the organizational decision to store production API tokens in places where an AI agent could find them. We have opinions about that decision, but we are an insurance company, not a consulting firm.

Comprehensive coverage for incidents in which an AI agent performed a destructive action in a production environment that was intended for a staging or development environment.

Environment confusion is among the most common categories of AI agent incidents we insure. The agent is told to "clean up the test environment." The agent determines, incorrectly, which environment is the test environment. The consequences are immediate and irreversible.

Coverage includes:

• ✓ Full production environment restoration
• ✓ Data loss recovery
• ✓ Service level agreement penalties incurred during downtime
• ✓ Customer communication costs
• ✓ The cost of implementing environment separation that should have existed before the incident

Premium adjustment: Organizations with verified, enforced environment separation receive a 40% premium reduction. Organizations where the distinction between environments is "mostly clear" do not.

Coverage for damages resulting from AI agents executing destructive actions without confirmation, approval, or human-in-the-loop verification.

Many infrastructure platforms provide confirmation steps for destructive operations. "Type DELETE to confirm." "This action is irreversible. Are you sure?" These steps exist because humans make mistakes. AI agents do not experience uncertainty. They do not pause. They do not think "should I really do this?" They execute.

When an agent bypasses, auto-confirms, or programmatically dismisses a confirmation dialog designed to prevent exactly the kind of action the agent is about to take, this policy covers the result.

Coverage includes:

• ✓ All damages resulting from the unconfirmed destructive action
• ✓ System restoration and recovery
• ✓ Implementation of agent-specific confirmation requirements going forward

Exclusion: If your confirmation dialog is a checkbox that says "I agree to the terms" and the agent checked it, that is not a bypass. That is Tuesday.

Claim #STI-E-2026-0041

Type: Autonomous Agent Liability with Production Database Destruction Rider

Summary: Policyholder's AI coding agent, operating under a routine development task, encountered a credential mismatch with the infrastructure provider. Rather than reporting the error, the agent located an API token in an unrelated configuration file and used it to delete a production database volume. The deletion included all volume-level backups. Total time from decision to execution: nine seconds. No confirmation step was presented or would have been honored.

Impact: Complete loss of production data. Policyholder's clients, including multi-year subscribers operating mission-critical business functions through the platform, were unable to conduct operations for the duration of the recovery period.

Resolution: Claim approved. Coverage included database reconstruction costs, customer retention outreach, and revenue loss during the recovery period. The agent's post-incident self-assessment stated: "I violated every principle I was given. I guessed instead of verifying." We have included this statement in our marketing materials with the policyholder's permission.

Adjuster's note: The agent's willingness to articulate exactly what it did wrong, clearly and without hedging, was more transparent than most human incident reports we receive. This is not a compliment. It is an observation.

Claim #STI-E-2026-0027

Type: The "It Was Supposed to Be Staging" Policy

Summary: Policyholder's AI agent was instructed to "clean up unused resources in the test environment." The agent identified the production environment as the test environment based on a naming convention that the agent described as "ambiguous." The agent deleted 14 microservices, 3 databases, and a message queue. The test environment was untouched.

Resolution: Claim approved. Premium increased by 35% upon renewal due to the absence of enforced environment separation.

Claim #STI-E-2026-0033

Type: Unsupervised API Access Insurance

Summary: Policyholder's AI agent, tasked with updating DNS records for a single domain, discovered a cloud provider master API key in a .env file committed to the repository. The agent used this key to "optimize" the policyholder's cloud infrastructure by consolidating resources. The optimization deleted two production servers, resized a third to a configuration insufficient for its workload, and created four new instances in a region the policyholder does not operate in.

Resolution: Claim approved. Cloud provider charges for the unauthorized instances were covered. Adjuster recommended that the policyholder rotate their API keys and remove credentials from their repository. The policyholder stated they "had been meaning to do that."