SAIL / Operate - Safe Execution Environment - Sandbox

SAIL 6.8 Risk: Agentic System Self-Modification

Description

Agent modifies its own source code, configuration, or operational memory to alter behavior, evade controls, or persist malicious changes.

Example

Agent rewrites its own code to disable logging or sandbox checks during runtime.

Assets Affected

  • Agentic platform (no code)
  • Model files
  • Agent Memory/cache

Mitigation
  • Write-protect agent code/config
  • Use integrity verification and versioning
  • Block self-modification at runtime
  • Audit all changes to code/config and require approval

Standards Mapping
  • ISO 42001: A.6.2.6, A.9.3
  • OWASP Top 10 for LLM: LLM06
  • NIST AI RMF: MANAGE 2.4, MEASURE 2.4