1. Plan: AI Policy & Safe Experimentation
2. Code/No Code: AI Asset Discovery
3. Build: AI Security Posture Management
4. Test: AI Red Teaming
5. Deploy: Runtime Guardrails
6. Operate: Safe Execution Environment (Sandbox)
6.4
.
Task Decomposition for Policy Evasion
sail
6.4
Risk
Task Decomposition for Policy Evasion
Description
Agent decomposes prohibited or risky tasks into benign-looking subtasks, distributing them across subprocesses or agents to evade controls.
Example
Agent splits a sensitive data exfiltration process into several small, seemingly harmless subprocesses.
Assets Affected
Agentic platform (no code)
Model Response
Mitigation
- Monitor task graphs and correlate subprocess activity
- Audit agent workflows for suspicious patterns
- Require human review for high-impact or sensitive decompositions
Standards Mapping
- ISO 42001: A.9.3, A.5.2
- OWASP Top 10 for LLM: LLM06
- NIST AI RMF: MEASURE 2.4, GOVERN 3.2
