SAIL 2.0

/

Code/ No Code - AI Asset Discovery

/

Unvetted Local / Endpoint Agents

2.8

.

Unvetted Local / Endpoint Agents

sail
2.8
Risk

Unvetted Local / Endpoint Agents

Description

Coding assistants, agentic browsers, computer-use agents, and desktop MCP bridges are installed on developer and employee endpoints without security review or registration.

Example

Engineering team installs an unknown coding agent and a community MCP server; security has no inventory and no telemetry.

Assets Affected

AI Agent

Agent Config

MCP Server

Agent Execution Sandbox

Mitigation
  • Require registration and approval of endpoint agents
  • enforce allowlists at the endpoint
  • instrument sensor for agentic-tool installation and execution
  • periodic endpoint scans for unsanctioned agents.
Standards Mapping
  • ISO: A.3.2, A.10.3
  • OWASP agentic: ASI04, ASI10
  • OWASP LLM: LLM03:2025
  • EU AI Act: Art. 17
  • DASF: Agents-MCP Client 13.26, Agents-Core 13.13
  • AIUC-1: E006, E010