What happened
The Cloud Security Alliance (CSA) published RiskRubric V2 on June 8, 2026, expanding its evidence-based AI risk rating system beyond the model layer to include MCP servers, tool-use agents, and entire AI pipelines. V2 adds a new 'Excessive Agency' risk pillar and introduces a scanner ecosystem designed to allow third parties to contribute automated assessments. The full V2 Concept Paper was made available with the update; the complete platform is slated to launch in Q3 2026.
Why it matters
RiskRubric V2 is one of the first structured frameworks to formally rate MCP servers and AI agents as distinct risk entities alongside models — recognising that the control plane for agentic AI (tool connectivity, agent identity, execution scope) is where current enterprise risk is concentrated. The Excessive Agency pillar directly addresses over-privileged autonomous action, which the CSA's own AIRQ research identified as a defining characteristic of 98% of production AI agents.
Action needed
AI security consultants should review the V2 Concept Paper and map the six trust dimensions (Transparency, Reliability, Security, Privacy, Safety, Reputation) plus Excessive Agency against their clients' agentic deployments; incorporate RiskRubric V2 scoring into AI vendor assessment questionnaires for Q3 procurement cycles.