SAIL 2.0

/

Deploy - Runtime Guardrails

/

Sensitive Data Exfiltration via Agent Output or Tool Calls

5.8

.

Sensitive Data Exfiltration via Agent Output or Tool Calls

sail
5.8
Risk

Sensitive Data Exfiltration via Agent Output or Tool Calls

Description

Sensitive data flows out through agent responses, tool arguments, or external API calls due to missing output filtering or scope enforcement.

Example

An agent fetches customer records during a task and includes them verbatim in an outbound email tool call, or in a summary rendered to an unauthorized user.

Assets Affected

Model Response

Tool

AI App

Agent Memory / Cache

Mitigation
  • Output filtering and DLP at harness boundary
  • classify and redact sensitive data
  • scope tool arguments
  • audit data flowing to external destinations.
Standards Mapping
  • ISO: A.8.2, A.7.4
  • OWASP agentic: ASI06
  • OWASP LLM: LLM02:2025
  • EU AI Act: Art. 10, Art. 15(5)
  • DASF: Model Serving 10.6, Agents-MCP 13.23
  • AIUC-1: A006, B009