AI Posture Check Take the Check
LLM06 · OWASP LLM Top 10

Excessive Agency (LLM06)

An LLM-based agent has more permissions, more tool access, or more autonomy than its task requires. Compromise via prompt injection then leverages that excessive privilege to do damage.

Examples

  • A customer-service agent with write-access to the customer database when read-only would suffice.
  • An agent that can send emails on behalf of the user with no confirmation step.
  • An agent with broad API access that gets injected into making unauthorized calls.

Recommended controls

  • Principle of least privilege for agent tools and permissions
  • Human-in-the-loop confirmation for high-impact actions
  • Action logging and audit
  • Scope-limited tokens for tool access

Posture Check checkpoint

Posture Check questions Q21–Q25. Affects Runtime.

Score yourself against this framework.

The AI Posture Check is a free 30-question self-assessment that maps your gaps directly to OWASP LLM Top 10, NIST AI RMF, and ISO 42001.

Take the AI Posture Check
Need help operationalizing this?

Talk to a CWS engineer about your AI security program.

Schedule a Discovery Call to scope a Standard Audit or Enterprise Program.

Schedule a Discovery Call