Risk
Untested Agent
Description
Agent, or major version undergoes insufficient or undocumented adversarial evaluation โ including testing of reasoning chains, tool invocations, and inter-agent handoffs.
Example
An agent passes functional tests but is deployed without any evaluation of how it handles adversarial tool descriptions, indirect prompt injection, or A2A handoffs.
Assets Affected
Model Files
AI Agent
Pipeline Job
Mitigation
- Require formal adversarial testing and documented red-team evidence before approval
- automate checks for test coverage in CI/CD
- cover both model-level and agent-level adversarial scenarios.
Standards Mapping
- ISO: A.6.2.4
- EU AI Act: Art. 9(6)
- DASF: Platform 12.2
- AIUC-1: C002, B001