Excessive agency

GENSEC05: How do you prevent excessive agency for models?

Excessive Agency is an Open Worldwide Application Security Project (OWASP) Top 10 security threat for LLMs and is typically introduced to systems through agentic architectures. Agents are designed to take action on behalf of a user. The risk of excessive agency is that an agent could take actions beyond their intended purpose.

Best practices

GENSEC05-BP01 Implement least privilege access and permissions boundaries for agentic workflows

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

GENSEC04-BP02 Sanitize and validate user inputs to foundation models

GENSEC05-BP01 Implement least privilege access and permissions boundaries for agentic workflows