Risk
Autonomous-Agent Misuse
Description
Deployed autonomous agents (or agentic platforms) take unintended actions, make unauthorized changes, or interact with external systems in unsafe ways.
Example
An AI agent is triggered by a prompt to make unauthorized API calls or alter data in production.
Assets Affected
- Agentic platform (no code)
- Coding agent (config)
Mitigation
- Strict policy enforcement
- Restrict agent permissions
- Human oversight
- Audit agent actions
- Sandboxing
Standards Mapping
- ISO 42001: A.9.3, A.6.2.6
- OWASP Top 10 for LLM: LLM06
- NIST AI RMF: GOVERN 3.2, MANAGE 2.4
- DASF v2: MODEL SERVING 9.13