Defense and governance

Excessive agency

Excessive agency is the risk that an AI agent is granted more capability, permission, or autonomy than its task requires, widening the damage it can do if compromised.

Definition

What is excessive agency in AI agents?

Named in the OWASP Top 10 for LLM applications, excessive agency is a design flaw rather than a single attack. It arises when an agent has more functionality, broader permissions, or more autonomy than it needs: a tool that can delete when it only needs to read, credentials scoped far beyond the job, or the freedom to act without review. Each excess enlarges the blast radius when something goes wrong.

The remedy is least privilege applied to agents. Give each agent only the specific tools it needs, scope its permissions tightly, and require approval for high-impact actions. Reducing agency does not just prevent misuse; it shrinks the harm any single prompt injection or mistake can cause.

FAQ

Common questions.

How do you reduce excessive agency?

Apply least privilege: give the agent only the tools it needs, scope its credentials and permissions narrowly, use default-deny allowlists, and require human approval for high-impact actions.

Govern the actions, not just the vocabulary

AxioRank scores every tool call your agents make for leaked secrets, PII, destructive operations, and prompt injection, checks it against your policy, and proves it in a tamper-evident audit log. Start free, no card.