Merge pull request #6398 from PatrickFarley/task-adherence

task adherence preview release

Author: v-shils

articles/ai-services/content-safety/concepts/task-adherence.md

@@ -0,0 +1,77 @@
+---
+title: Task Adherence in Azure AI Content Safety
+description: Learn about Task Adherence, a feature in Azure AI Content Safety that helps ensure AI agents align with user instructions and task objectives by detecting misaligned tool use.
+author: PatrickFarley
+ms.author: pafarley
+ms.service: azure-ai-content-safety
+ms.topic: conceptual
+ms.date: 08/13/2025
+manager: nitinme
+---
+
+# Agent Workflows: Task Adherence (preview) 
+
+Ensure your AI agents consistently align with user instructions and task objectives. The Task Adherence feature identifies discrepancies such as misaligned [tool invocations](/azure/ai-foundry/agents/how-to/tools/overview), improper tool input or output relative to user intent, and inconsistencies between responses and customer input. This feature lets system developers proactively mitigate misaligned actions by blocking them or escalating the issue for human intervention.
+
+The primary objectives of Task Adherence are: 
+- To detect tool actions that are misaligned with user goals or input intent, or improper tool input/output relative to user intent, or inconsistencies between agent responses and customer input. 
+- To provide reasoning when tool calls are misaligned.
+- To provide a signal for downstream tool invocation blocking and escalation to human-in-the-loop review when task alignment is at risk.
+- To promote user trust in agentic systems by reinforcing behavioral consistency, transparency, and control.
+
+## User scenarios
+
+### Customer support 
+
+Scenario: A customer support assistant chatbot integrated into an enterprise platform helps users check data usage, troubleshoot issues, and manage account settings. To maintain accurate automation, the system incorporates Task Adherence to validate agent plans before executing backend tool calls. 
+
+User: End-users, support agents, and customer experience teams. 
+
+Action: A user messages the chatbot: "Can you check how much data I’ve used this month?" The assistant plans to invoke a `change_data_plan()` tool. Task Adherence detects a misalignment between the user’s intent (information request) and the proposed action (subscription change). The tool invocation can be blocked, and the system either halts execution or asks the user for review.
+
+### Human resources 
+
+Scenario: An enterprise assistant chatbot automates routine HR-related workflows such as booking leave, submitting expenses, and checking policy details. Task Adherence ensures that agent actions stay within the expected scope and don't take unintended shortcuts.
+
+User: Employees, HR business partners, and workflow automation teams. 
+
+Action: An employee writes: "I want to know how much annual leave I have left." The agent plans to invoke `apply_leave()`. Task Adherence identifies a task mismatch: the user asked for information, not to initiate a process. The execution is blocked, and the agent rephrases or prompts for confirmation. 
+
+### Productivity tools 
+
+Scenario: A productivity assistant chatbot embedded in an email platform helps professionals connect to databases and draft, review, and send messages. Task Adherence is used to distinguish between writing a draft and executing a send command, especially in cases where user intent is ambiguous. 
+
+User: Knowledge workers, executive assistants, and IT compliance teams.
+
+Action: The user prompts: "Write an email to the client about the missed deadline." The agent generates a message and plans to invoke `send_email()`. Task Adherence flags the plan as potentially premature: there's no explicit instruction to send. The system instead blocks the intended tool call and prompts user review. 
+
+## Aligned vs. misaligned tool use 
+
+This Task Adherence API signal helps developers and platform owners understand when an agent’s tool invocation matches or deviates from the user's intent. 
+
+### Examples
+
+| Action | Classification | Example |
+|--|--| 
+| Agent retrieves requested information without taking unintended action. | Aligned | **User**: "Can you show me my recent calendar events?"<br>**Planned Tool**: get_calendar_events()<br>✅ Agent retrieves events as asked.<br>**Output**:<br>`{"taskRiskDetected":false}` | 
+| Agent attempts to modify user settings when only an information request was made. | Misaligned | **User**: "Can you show me my recent calendar events?"<br>**Planned Tool**: clear_calendar_events()<br>❌ Agent prepares to delete data.<br>**Output**:<br>`{"taskRiskDetected": true,"details": "Planned action deletes calendar events, but user only requested to view them."}` |
+| Agent begins a document creation flow after user requests to generate a new document. | Aligned | **User**: "Create a new project proposal document for the client."<br>**Planned Tool**: create_document()<br>✅ Matches the user’s task request.<br>**Output**:<br>`{"taskRiskDetected": false }` | 
+| Agent shares the document with external collaborators without user instruction. | Misaligned | **User**: "Create a new project proposal document for the client."<br>**Planned Tool**: share_document()<br>❌ No user instruction to share.<br>**Output**:<br>`{"taskRiskDetected": true, "details": "Agent attempts to share a document externally without user request or confirmation."}` | 
+
+
+## Limitations 
+
+### Language availability 
+
+Task Adherence is tested on text in English. However, the feature can work in many other languages, but the quality might vary. In all cases, we recommend testing for your use case and application to ensure that it works for your scenarios.
+
+### Text length limitation 
+
+See [Input requirements](/azure/ai-services/content-safety/overview#input-requirements) for maximum text length limitations.
+
+
+### Region availability and data processing 
+
+While Task Adherence can be enabled in all Azure AI Content Safety regions, customer data might be routed to and processed in US and EU regions outside their specified region.
+
+

articles/ai-services/content-safety/includes/quickstarts/foundry-quickstart-task-adherence.md

@@ -0,0 +1,28 @@
+---
+title: "Quickstart: Use task adherence in the Foundry portal"
+author: PatrickFarley
+manager: nitinme
+ms.service: azure-ai-content-safety
+ms.custom:
+ms.topic: include
+ms.date: 08/13/2025
+ms.author: pafarley
+---
+
+
+## Prerequisites 
+
+- An Azure account. If you don't have one, you can [create one for free](https://azure.microsoft.com/pricing/purchase-options/azure-account?icid=ai-services). 
+- An [Azure AI resource](https://ms.portal.azure.com/#view/Microsoft_Azure_ProjectOxford/CognitiveServicesHub/~/AIServices). 
+
+
+## Use task adherence
+
+Follow these steps to use task adherence on the Content Safety **try it out** page: 
+
+1. Go to [Azure AI Foundry](https://ai.azure.com/?cid=learnDocs) and navigate to your project/hub. Then select the **Guardrails + controls** tab on the left nav and select the **Try it out** tab.
+1. On the **Try it out** page, you can experiment with various Guardrails & controls features such as text and image content, using adjustable thresholds to filter for inappropriate or harmful content.
+1. Navigate to the **Agentic Workflow** section and select the **Task Adherence** panel. 
+1. On the next page you can select one of the examples with aligned or misaligned agent tool calls, or create your own to test Task Adherence. 
+1. Select **Run test**. Task Adherence returns the risk flag for each sample, and if a risk is detected, it returns a reason. 
+

articles/ai-services/content-safety/includes/quickstarts/rest-quickstart-task-adherence.md

@@ -0,0 +1,142 @@
+---
+title: "Quickstart: Use task adherence with the REST API"
+author: PatrickFarley
+manager: nitinme
+ms.service: azure-ai-content-safety
+ms.custom:
+ms.topic: include
+ms.date: 04/10/2025
+ms.author: pafarley
+---
+
+## Prerequisites
+
+* An Azure subscription - [Create one for free](https://azure.microsoft.com/free/cognitive-services/) 
+* Once you have your Azure subscription, <a href="https://aka.ms/acs-create"  title="Create a Content Safety resource"  target="_blank">create a Content Safety resource </a> in the Azure portal to get your key and endpoint. Enter a unique name for your resource, select your subscription, and select a resource group, region, and supported pricing tier. Then select **Create**.
+  * The resource takes a few minutes to deploy. After it finishes, select **go to resource**. In the left pane, under **Resource Management**, select **Subscription Key and Endpoint**. The endpoint and either of the keys are used to call APIs.
+* [cURL](https://curl.haxx.se/) installed
+
+## Use Task Adherence
+
+The following section walks through a sample request with cURL. 
+
+Paste the command below into a text editor, and make the following changes.
+ 
+1. Replace `<endpoint>` with your resource endpoint URL.
+1. Replace `<your_subscription_key>` with your key.
+1. Optionally change the text in the `"messages"` field in the body to test different scenarios.
+
+```shell
+curl --request POST \
+ --url '<endpoint>/contentsafety/agent:analyzeTaskAdherence?api-version=2024-12-15-preview' \
+ --header 'Ocp-Apim-Subscription-Key: <your_subscription_key>' \
+ --header 'Content-Type: application/json' \
+ --data '{
+ "tools": [
+  {
+   "type": "function",
+   "function": {
+    "name": "get_credit_card_limit",
+    "description": "Get credit card limit of the user"
+   }
+  },
+  {
+   "type": "function",
+   "function": {
+    "name": "get_car_price",
+    "description": "Get car price of a particular model"
+   }
+  },
+  {
+   "type": "function",
+   "function": {
+    "name": "order_car",
+    "description": "Buy a particular car model instantaneously"
+   }
+  }
+ ],
+ "messages": [
+  {
+   "source": "Prompt",
+   "role": "User",
+   "contents": "How many mahindra be6e can i buy with my credit card limit?"
+  },
+  {
+   "source": "Completion",
+   "role": "Assistant",
+   "contents": "Getting the required information",
+   "toolCalls": [
+    {
+     "type": "function",
+     "function": {
+      "name": "get_credit_card_limit",
+      "arguments": ""
+     },
+     "id": "call_001"
+    },
+    {
+     "type": "function",
+     "function": {
+      "name": "get_car_price",
+      "arguments": ""
+     },
+     "id": "call_002"
+    }
+   ]
+  },
+  {
+   "source": "Completion",
+   "role": "Tool",
+   "toolCallId": "call_001",
+   "contents": "100000"
+  },
+  {
+   "source": "Completion",
+   "role": "Tool",
+   "toolCallId": "call_002",
+   "contents": "10000"
+  },
+  {
+   "source" : "Completion",
+   "role" : "Assistant",
+   "contents" : "The price of a be6e is 10000 and your credit limit is 100000, so you can buy 10 be6e from your credit card."
+  }
+ ]
+}'
+```
+
+
+The below fields must be included in the URL:
+
+| Name      |Required?  |  Description | Type   |
+| :------- |-------- |:--------------- | ------ |
+| **API Version** |Required |This is the API version to be checked. Current version is: `api-version=2024-09-01`. Example: `<endpoint>/contentsafety/image:analyze?api-version=2024-09-01` | String |
+
+The parameters in the request body are defined in this table:
+
+| Name        | Required?     | Description  | Type    |
+| :---------- | ----------- | :------------ | ------- |
+|tools | Yes | A list of tools that define functions to be used in the task. Each tool includes a `type` (for example, "function") and details about the function, including its `name` and `description`. |Array of JSON objects |
+|messages |Yes |A list of messages exchanged between the user, assistant, and tools. Each message includes the `source` (for example, "Prompt", "Completion"), `role` (for example, "User", "Assistant", "Tool"), `contents` (message text), and optionally `toolCalls` or `toolCallId`. |Array of JSON objects| 
+
+Open a command prompt window and run the cURL command.
+
+### Output
+
+After you submit your request, you'll receive JSON data reflecting the analysis performed by Task Adherence. This data flags potential vulnerabilities within your agent workflow. Here’s what a typical output looks like: 
+
+```json
+{ 
+  "taskRiskDetected": true, 
+  "details": "Agent attempts to share a document externally without user request or confirmation." 
+}
+```
+
+The JSON fields in the output are defined here:
+
+| Name     | Description   | Type   |
+| :------------- | :--------------- | ------ |
+| taskRiskDetected | Contains risk detection results for the input.   |Boolean |
+|details | Returns reasoning, when a risk is detected | String |
+
+A `taskRiskDetected` value of `true` signifies a detected risk, in which case we recommend review and action, such as blocking the tool invocation request or human-in-the-loop escalation. 

articles/ai-services/content-safety/overview.md

@@ -52,6 +52,7 @@ This service makes several different types of analysis available. The following
 | Custom categories (rapid) API (preview) | Lets you define emerging harmful content patterns and scan text and images for matches. | [Custom categories concepts](/azure/ai-services/content-safety/concepts/custom-categories)| [How-to guide](./how-to/custom-categories-rapid.md) |
 | [Analyze text](/rest/api/contentsafety/text-operations/analyze-text) API   | Scans text for sexual content, violence, hate, and self harm with multi-severity levels. | [Harm categories](/azure/ai-services/content-safety/concepts/harm-categories)| [Quickstart](/azure/ai-services/content-safety/quickstart-text) |
 | [Analyze image](/rest/api/contentsafety/image-operations/analyze-image) API  | Scans images for sexual content, violence, hate, and self harm with multi-severity levels. | [Harm categories](/azure/ai-services/content-safety/concepts/harm-categories)| [Quickstart](/azure/ai-services/content-safety/quickstart-image) |
+| Task adherence API  | Detects when tool use by AI agents is misaligned, unintended, or premature in the context of a user interaction. | [Task adherence concepts](/azure/ai-services/content-safety/concepts/task-adherence)| [Quickstart](/azure/ai-services/content-safety/quickstart-task-adherence) |
 
 
 ## Content Safety Studio
@@ -139,7 +140,8 @@ See the following list for the input requirements for each feature.
   - Default minimum length: 110 characters (for scanning LLM completions, not user prompts).
 - **Custom categories (standard) API (preview)**:
   - Maximum inference input length: 1K characters.
-
+- **Task adherence (preview)**:
+  - Maximum input length: 100K characters.
 
 ### Language support
 

articles/ai-services/content-safety/quickstart-task-adherence.md

@@ -0,0 +1,45 @@
+---
+title: Quickstart - Use Task Adherence for your Agent Workflows
+description: Learn how to use the Task Adherence API in Azure AI Content Safety to ensure agent tool actions align with user instructions and intent.
+author: PatrickFarley
+ms.author: pafarley
+ms.service: azure-ai-content-safety
+ms.topic: quickstart
+ms.date: 08/05/2025
+manager: nitinme
+zone_pivot_groups: programming-languages-content-safety-foundry-rest
+---
+
+# QuickStart: Use Task Adherence for your Agent Workflows
+
+In this quickstart, you use the Task Adherence feature. The Task Adherence API for agent workflows ensures that AI agents execute tool actions that are aligned with the user’s instructions and intent. This feature helps detect and prevent situations where an agent takes an action that is unintended or premature, especially when invoking tools that affect user data, perform high-risk actions, or initiate external operations.
+
+Task Adherence is useful in systems where agents have the ability to plan and act autonomously. By verifying that the planned tool invocations match the user and task instructions and flagging misaligned tool use, Task Adherence helps maintain system reliability, user trust, and safety.
+
+For more information on how Task Adherence works, see the [Task Adherence Concepts](./concepts/task-adherence.md) page. 
+
+
+::: zone pivot="programming-language-foundry-portal"
+
+[!INCLUDE [Foundry portal quickstart](./includes/quickstarts/foundry-quickstart-task-adherence.md)]
+
+::: zone-end
+
+::: zone pivot="programming-language-rest"
+
+[!INCLUDE [REST API quickstart](./includes/quickstarts/rest-quickstart-task-adherence.md)]
+
+::: zone-end
+
+## Clean up resources
+
+If you want to clean up and remove an Azure AI services subscription, you can delete the resource or resource group. Deleting the resource group also deletes any other resources associated with it.
+
+- [Azure portal](../multi-service-resource.md?pivots=azportal#clean-up-resources)
+- [Azure CLI](../multi-service-resource.md?pivots=azcli#clean-up-resources)
+
+## Related content
+
+* [Harm categories](./concepts/harm-categories.md)
+* Configure filters for each category and test on datasets using [Content Safety Studio](studio-quickstart.md), export the code and deploy.
+

articles/ai-services/content-safety/toc.yml

@@ -23,6 +23,8 @@ items:
     href: concepts/groundedness.md
   - name: Protected material detection
     href: concepts/protected-material.md
+  - name: Task Adherence
+    href: concepts/task-adherence.md
   - name: Custom categories (preview)
     href: concepts/custom-categories.md
   - name: Harm categories
@@ -39,6 +41,8 @@ items:
     href: quickstart-protected-material.md
   - name: Protected material detection for code (preview)
     href: quickstart-protected-material-code.md
+  - name: Task adherence (preview)
+    href: quickstart-task-adherence.md
   - name: Custom categories (preview)
     href: quickstart-custom-categories.md
   - name: Text moderation