Risk
Autonomous Resource Provisioning/Abuse
Description
Agent autonomously creates cloud resources, files, or processes, causing cost overruns, security exposure, or denial-of-service.
Example
Agent launches many cloud VMs or uploads sensitive files to public storage.
Assets Affected
Agentic platform (no code)
AI platform
Mitigation
- Enforce quotas and resource limits
- Monitor and alert on resource creation
- Require approval for high-impact actions
- Audit resource usage regularly
Standards Mapping
- ISO 42001: A.4.5, A.9.3
- OWASP Top 10 for LLM: LLM10
- NIST AI RMF: MANAGE 2.1, GOVERN 3.2
- DASF v2: MODEL SERVING 9.7, 9.13