3.8
.
Unvetted Use of Open-Source and Third-Party AI and Agentic Components
sail
3.8
Risk
Unvetted Use of Open-Source and Third-Party AI and Agentic Components
Description
Incorporation of external libraries, pre-trained models, MCP servers, plugins, or marketplace agents without sufficient security, privacy, or compliance review, leading to inherited vulnerabilities or legal risk.
Example
Using a community MCP server that exposes filesystem access without scoping, or pulling a pre-trained model from a public repo that contains a backdoor.
Assets Affected
Model Files
Framework
3rd-Party AI Integration
Dataset / RAG
MCP Server
Agents Plugins
Agents Marketplaces
Mitigation
- Vet all third-party and open-source components before use
- maintain a Bill of Materials (SBOM) including agentic components
- regularly monitor for vulnerabilities
- review licensing and compliance
- document all dependencies and their provenance.
Standards Mapping
- ISO: A.10.3, A.6.2.3
- OWASP agentic: ASI04
- OWASP LLM: LLM03:2025
- EU AI Act: Art. 25
- DASF: Model 7.3, Agents-MCP Server 13.21
- AIUC-1: E006, E010