🤖 AI Summary
Current AI safety paradigms emphasize alignment but lack mechanisms for reliable runtime interruption, override, or constraint, rendering them inadequate for challenges such as long-horizon execution, adversarial inputs, and high-risk tool use in open environments. This work establishes controllability as a first-class objective in AI safety, defining it as the system’s ability to respond to explicit control signals at runtime while preserving normal utility. We introduce a Control Hub architecture comprising a control plane, intervention pathways, persistent state management, and auditable interfaces. Leveraging the OpenClaw platform, we develop ControlBench, a benchmark that empirically demonstrates how existing alignment and guardrail mechanisms—while reducing certain risks—fall significantly short in delivering continuous, authoritative, and enforceable runtime control.
📝 Abstract
AI safety is still largely framed as alignment: training models to follow human preferences, safety policies, and normative constraints. That framing has improved the behavior of modern language models, but aligned behavior does not by itself guarantee that a deployed agent can be stopped, overridden, or constrained once it operates in open-ended, interactive, and tool-using environments. A system may be safe in expectation and still fail to yield to explicit runtime authority under conflicting instructions, long-horizon execution, adversarial inputs, or risky tool use. This position paper argues that AI safety therefore requires controllability as a first-class objective. We define controllability as the ability of an AI system to remain reliably interruptible, overridable, redirectable, and constrainable by explicit control signals at runtime while preserving ordinary utility when such signals are absent. To study this gap, we introduce ControlBench, a benchmark for evaluating controllability failures in high-risk agentic scenarios. Experiments with OpenClaw-based agents show that current alignment and guardrail mechanisms reduce risk, but often fail to provide persistent, authoritative, and enforceable runtime control. We therefore propose a control-centric architectural framework that highlights explicit control planes, runtime intervention pathways, persistent control states, and auditable decision interfaces as key design principles for future controllable AI systems.