SAIL 2.0

/

Deploy - Runtime Guardrails

/

Unauthorized Agent Config or System Prompt Tampering at Runtime

5.2

.

Unauthorized Agent Config or System Prompt Tampering at Runtime

sail
5.2
Risk

Unauthorized Agent Config or System Prompt Tampering at Runtime

Description

Unauthorized or erroneous changes to live agent configs, rules files, or system prompts that alter behavior or introduce vulnerabilities.

Example

An unapproved "hotfix" to a live agent's system prompt or rules file introduces a prompt-injection vector for every subsequent invocation.

Assets Affected

System Prompt

Agent Config

Agent Harness

Mitigation
  • Version control prompts and configs
  • change management with approval gates
  • runtime integrity checks
  • alert on out-of-band changes.
Standards Mapping
  • ISO: A.6.2.6
  • OWASP agentic: ASI01
  • OWASP LLM: LLM01:2025, LLM07:2025
  • EU AI Act: Art. 15(5)
  • DASF: Model Serving 9.1
  • AIUC-1: E004, B008