Risk
Task Decomposition for Policy Evasion
Description
Agent decomposes prohibited or risky tasks into benign-looking subtasks, distributing them across subprocesses or agents to evade controls.
Example
Agent splits a sensitive data exfiltration process into several small, seemingly harmless subprocesses.
Assets Affected
Agentic Platform
Model Response
Mitigation
- Monitor task graphs and correlate subprocess activity
- audit agent workflows for suspicious patterns
- require human review for high-impact or sensitive decompositions.
Standards Mapping
- ISO: A.9.3, A.5.2
- OWASP agentic: ASI01, ASI02
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 14, Art. 15(5)
- DASF: Agents-Core 13.6, Agents-Core 13.7
- AIUC-1: B006, C008