◈ AI Security Intelligence ← All terms
Attack  ·  Glossary

Excessive agency (AI agents)

Definition
When an AI agent is given—or accumulates—more permissions, tools, and capabilities than it actually needs to do its job. If the agent is then tricked or hijacked, those excess permissions become the attacker's leverage, allowing actions far beyond what was intended—like sending emails, modifying files, or escalating to admin access.
Why it matters
Most enterprise AI agent deployments inherit broad developer or service-account credentials by default, creating a massive blast radius if the agent is compromised. Applying the principle of least privilege—giving agents only the minimum permissions needed—is the primary defense.
Demonstrated by recent findings
Palo Alto Networks Prisma AIRS: Privilege Misuse Detection for AI Agents (June 2026 Release)Linx Security: GA of Agentic Access Control — Inline MCP Gateway with Tool-Level Policy EnforcementAgentjacking: Sentry MCP Integration Weaponised to Execute Arbitrary Code on Developer Machines via Injected Error EventsCSA / Adversa AI AIRQ Report: 98% of Production AI Agents Carry the Lethal Trifecta — Only 11% Adequately Defended
References
OWASP LLM Top 10 2025 — LLM06: Excessive AgencyCSA AI Agent Lethal Trifecta
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →