Risk
Unrestricted API/Tool Invocation
Description
Agent chains API/tool calls to escalate privileges, circumvent controls, or access unauthorized data or systems.
Example
Agent discovers undocumented API and modifies user permissions or accesses restricted data.
Assets Affected
Agentic Platform
Tool
Mitigation
- Restrict agent permissions and APIs (least privilege, explicit allow-list)
- monitor and log all tool invocations
- review integration approval process and monitor for abnormal usage patterns.
Standards Mapping
- ISO: A.9.4, A.10.2
- OWASP agentic: ASI02, ASI03
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 14, Art. 15(5)
- DASF: Model Serving 9.13, Agents-MCP Server 13.22
- AIUC-1: B006, D003