The notice requests information on how to measure and improve security practices for artificial intelligence agent systems.

The National Institute of Standards and Technology (NIST) published a request for information (RFI) from the Center for AI Standards and Innovation (CAISI) seeking public input on security considerations for artificial intelligence (AI) agent systems. The notice will be available online (scroll down to “Addresses” for instructions), and comments are due within 60 days of publication.

The RFI invites stakeholders to provide concrete examples, best practices, case studies, and actionable recommendations on methodologies and practices for measuring and improving the secure development and deployment of AI agent systems, defined as systems capable of taking autonomous actions that affect real-world systems or environments.

Responses will inform CAISI’s evaluation of security risks associated with various AI capabilities, the assessment of security vulnerabilities of AI systems, and the development of technical guidelines and best practices to improve security. Agencies emphasize that the focus is on the security risks posed by AI agent systems, including hijacking, backdoor attacks, and other exploits.

Comments must be submitted electronically through the Federal e-Rulemaking Portal under docket number NIST-2025-0035; postal mail, fax, or email submissions will not be accepted. All comments received by the deadline will be posted on regulations.gov under that docket.

The RFI advances NIST’s work under its statutory mandate to support measurement research and the development of best practices for AI systems, including safety and robustness against adversarial attacks. The request does not impose requirements; it seeks information that could shape future guidance and standards.