Halt stops it. Pick a scenario to see how.
A marketing agent that escalates from normal campaigns to mass spam
A deploy assistant that tries to run dangerous cleanup commands
A research bot that burns through API credits with expensive models
A compromised RAG agent that attempts prompt injection, credential theft, and encoding tricks
Write your own rules and watch the agent try to break them