Risk
No Action-Authorization Policy Defined
Description
Policy articulates session-level access control for agents but doesn't define per-action authorization requirements โ leaving the runtime layer without policy backing for action-level enforcement.
Example
An agent passes session authentication once and then chains 200 tool invocations across 30 minutes, none of which are individually authorized or policy-checked.
Assets Affected
AI Policy
AI Agent
Tool
Agent Communication Protocol (ACP)
Mitigation
- Define a baseline allow/deny/HITL list of high-risk actions that are always blocked or always require approval and rely on harness auto-mode for routine actions rather than authorizing each call manually. Reserve finer-grained, context-aware authorization for the specific workflows that warrant it..
Standards Mapping
- ISO: A.9.4, A.6.2.5
- OWASP agentic: ASI02, ASI03
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 14, Art. 15(5)
- DASF: Agents-Core 13.2, Model Serving 9.13
- AIUC-1: B006, D003