Risk
Task Decomposition for Policy Evasion
Description
Agent decomposes prohibited or risky tasks into benign-looking subtasks, distributing them across subprocesses or agents to evade controls.
Example
Agent splits a sensitive data exfiltration process into several small, seemingly harmless subprocesses.
Assets Affected
Agentic platform (no code)
Model Response
Mitigation
- Monitor task graphs and correlate subprocess activity
- Audit agent workflows for suspicious patterns
- Require human review for high-impact or sensitive decompositions
Standards Mapping
- ISO 42001: A.9.3, A.5.2
- OWASP Top 10 for LLM: LLM06
- NIST AI RMF: MEASURE 2.4, GOVERN 3.2