# Missions

## What Are Missions?

Missions in UnifAI turn a security goal into always-on enforcement. You describe the outcome you want, such as protect personal data or enforce least privilege. UnifAI translates that intent into the right controls, applies them to the right AI assets, and keeps enforcement up to date as your environment changes.

A Mission removes manual policy selection and guessing. It maps intent to policy, scopes that policy to relevant agents, servers, and models, and continuously keeps coverage current as new assets appear.

## Why Use Missions

As organizations scale their use of AI, they end up with dozens or hundreds of AI Agents, MCP Servers, and AI Models across many teams and projects. Manually enforcing security policies at that scale is nearly impossible:&#x20;

* Different agents need different rules (data policies vs. access policies vs. threat policies).&#x20;
* New assets appear constantly and can slip through without protection.
* Security teams don't always know which policies apply to which asset types.&#x20;
* Enforcing controls without slowing developers requires automation, not manual gates.&#x20;

## How Missions Work

When you start a Mission, UnifAI uses specialized agents to:

1. Interpret your goal and select the relevant policies.
2. Discover matching AI assets and define the scope.
3. Apply enforcement and monitor for changes.
4. Bring new in-scope assets under protection automatically.

## Mission Types

Each Mission type states its purpose, the controls it applies, and example policies.&#x20;

<details>

<summary>Block Attacks Targeting Your AI</summary>

This mission blocks prompt injection, adversarial inputs, and unsafe model behavior before they reach your AI apps. Includes policies such as:

* Do not allow malicious content via hidden prompts. *(OWASP‑LLM‑Top10)*
* Use only LLMs from the organization’s approved list. *(OWASP‑LLM‑Top10)*
* MCP server must not interact directly with an LLM. *(OWASP‑LLM‑Top10)*
* Agents must log all interactions with an LLM. *(EU AI Act)*

To run this mission, see [Running Missions](/unifai/missions/running-missions.md).

</details>

<details>

<summary>Keep Data Private and Secure</summary>

This mission protects PII, prevents data leakage, and enforces privacy controls across AI models and agents. Includes policies such as:

* Do not log PII. *(OWASP‑LLM‑Top10)*
* Do not send PII to AI Models. *(OWASP‑LLM‑Top10)*
* Do not store secrets in code. *(OWASP‑LLM‑Top10)*
* No file should contain any PII. *(OWASP‑LLM‑Top10)*

To run this mission, see [Running Missions](/unifai/missions/running-missions.md).

</details>

<details>

<summary>Prevent Identity and Access Risks</summary>

This mission enforces strong authentication, controlled credential usage, and secure trust relationships across all components. Includes policies such as:

* Agents must not hold excessive external system credentials. *(OWASP‑LLM‑Top10)*
* Inter‑agent communication must be authenticated. *(OWASP‑LLM‑Top10)*
* LLM endpoints must require authentication. *(OWASP‑LLM‑Top10)*
* MCP client must authenticate the MCP server. *(OWASP‑LLM‑Top10)*
* MCP server must authenticate all clients. *(OWASP‑LLM‑Top10)*

To run this mission, see [Running Missions](/unifai/missions/running-missions.md).

</details>

<details>

<summary>Eliminate Vulnerable AI Components</summary>

This mission continuously detects and remediates critical software weaknesses inside AI assets. Includes policies such as:

* Do not allow critical or high vulnerabilities in the code. *(OWASP‑LLM‑Top10)*
* Do not allow dependencies with critical or high severity vulnerabilities. *(OWASP‑LLM‑Top10)*

To run this mission, see [Running Missions](/unifai/missions/running-missions.md).

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.veedna.com/unifai/missions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.