The scenario focuses on post-generation validation of AI outputs , specifically identifying risky or harmful patterns in generated code before it is used. According to CAIPM technical control frameworks, output scanning is the control designed to inspect AI-generated responses after generation but before consumption.

Output scanning mechanisms analyze generated text for predefined risk signatures such as insecure code patterns, infinite loops, deprecated syntax, or other logical vulnerabilities. This control acts as a protective gate between AI output and user action, ensuring unsafe or problematic outputs are flagged, blocked, or corrected before they can cause operational issues.

Other options do not match the requirement:

Content filtering typically focuses on restricting inappropriate or policy-violating content (e.g., harmful language), not technical code risks.

DLP integration is designed to prevent leakage of sensitive data, which is not the issue here.

Prompt monitoring evaluates user inputs rather than validating AI-generated outputs.

CAIPM emphasizes that safe AI adoption requires controls across the entire interaction lifecycle—input, processing, and output. In this case, the failure occurred after generation, making output scanning the appropriate control to mitigate such risks.

Therefore, the correct answer is Output scanning , as it directly addresses automated validation of generated responses before use.