SAIL 2.0

/

Deploy - Runtime Guardrails

/

Missing Action-Level Authorization at Runtime

5.13

.

Missing Action-Level Authorization at Runtime

sail
5.13
Risk

Missing Action-Level Authorization at Runtime

Description

Actions are not authorized per invocation; only session-level auth is enforced, letting an agent chain unrestricted actions after one valid session check.

Example

An agent passes session auth, then chains 200 tool invocations including high-sensitivity actions; none is individually authorized at runtime.

Assets Affected

AI Agent

Tool

AI Policy

Agent Communication Protocol (ACP)

Mitigation
  • Per-action authorization at runtime
  • classify actions by sensitivity and route high-sensitivity through secondary auth or HITL
  • align runtime gates with build-time policy.
Standards Mapping
  • ISO: A.9.4, A.6.2.5
  • OWASP agentic: ASI02, ASI03
  • OWASP LLM: LLM06:2025
  • EU AI Act: Art. 14, Art. 15(5)
  • DASF: Model Serving 9.13, Agents-MCP Server 13.22
  • AIUC-1: B006, D003