SAIL 2.0

/

Deploy - Runtime Guardrails

/

Insecure Agent Harness and Runtime Configuration

5.1

.

Insecure Agent Harness and Runtime Configuration

sail
5.1
Risk

Insecure Agent Harness and Runtime Configuration

Description

Authentication, identity, or configuration gaps in the agent harness exposing tool invocation, memory, and streaming surfaces.

Example

A managed agent runtime is provisioned with a wildcard IAM role, letting one compromised agent act across every agent on the platform (AgentCore "god mode" class).

Assets Affected

Agent Harness

Agent Identity

Model Inference Endpoint

Mitigation
  • Workload identities and mTLS at harness boundaries
  • per-action authorization
  • least-privilege IAM
  • rate-limit tools and streaming
  • validate I/O
  • trace with PII filtering.
Standards Mapping
  • ISO: A.6.2.5, A.6.2.6
  • OWASP agentic: ASI03, ASI02
  • EU AI Act: Art. 15(5)
  • DASF: Model Serving 9.11, Agents-Core 13.3
  • AIUC-1: B007, B008