Risk
Maker-Identity Inheritance in Low-Code Agents
Description
Agents built in low-code platforms inherit the maker's standing access, letting consumers act with credentials beyond their own scope.
Example
A Copilot Studio agent built by an admin is consumed by an employee; the employee inadvertently invokes admin-level operations through the agent.
Assets Affected
AI Agent
Agentic Platform
Agent Identity
AI Provider Access Credentials
Mitigation
- Decouple maker from runtime identity
- enforce delegated authorization rather than inherited standing access
- surface consumer vs maker scope at runtime
- audit cross-identity invocations.
Standards Mapping
- ISO: A.4.5, A.10.2
- OWASP agentic: ASI03
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 14, Art. 15(5)
- DASF: Agents-MCP Server 13.17, Agents-Core 13.3
- AIUC-1: B007, B006