SAIL 2.0

/

Build - AI Security Posture Management

/

Over-Scoped Agent Tool Permissions and Connectors

3.13

.

Over-Scoped Agent Tool Permissions and Connectors

sail
3.13
Risk

Over-Scoped Agent Tool Permissions and Connectors

Description

Agents are configured with access to tools, connectors, or scopes beyond what their business purpose requires, expanding the blast radius of any compromise.

Example

A meeting-summarization agent has full read/write access to the company CRM via a connector that grants org-wide scope when the agent only needs read for the user's own calendar.

Assets Affected

AI Agent

Tool

Skill

3rd-Party AI Integration

Agent Identity

Mitigation
  • Apply least-privilege scoping at agent build
  • map tool and connector permissions to business need
  • review and prune scopes during posture analysis
  • alert on scope expansion.
Standards Mapping
  • ISO: A.9.4, A.10.2
  • OWASP agentic: ASI03, ASI02
  • OWASP LLM: LLM06:2025
  • EU AI Act: Art. 14, Art. 15(5)
  • DASF: Agents-MCP Server 13.22, Agents-Core 13.2
  • AIUC-1: B006, A003