PromptRiskDB Threat intelligence atlas
AI Mitigation

AI Agent Tools Permissions Configuration - AI Mitigation



Record summary

A quick snapshot of what this page covers.

Techniques: 5 (attacks this defense is designed to help with)
Lifecycle: 1 (where this defense applies in the AI lifecycle)
Categories: 1 (how the source groups this defense)

Control summary

What this defense is meant to help prevent.

When deploying tools that will be shared across multiple AI agents, it is important to implement robust policies and controls on tool permissions. These controls include applying the principle of least privilege together with delegated access, where a tool receives the permissions, identity, and restrictions of the AI agent calling it rather than a standing set of its own. These configurations may be implemented either in the MCP servers that connect the agents to the tools they call or, in more complex cases, directly in the configuration files of the tool.
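As an added illustration (not code from the ATLAS record or from PromptRiskDB), the following Python sketch shows one way a tool gateway such as an MCP server fronting shared tools can enforce delegated, least-privilege access: every call carries the invoking agent's identity, its granted scopes and the filesystem roots it is confined to, each tool declares the single scope it requires, the gateway denies by default, and every decision is written to an audit log so abuse of tool invocations is visible. The agent identities, scope names, paths and in-memory file store are constructed for the example.

```python
"""Added example: delegated, least-privilege tool gateway for shared agent tools.
Agents, scopes, paths and the in-memory file store are constructed, not real."""
from dataclasses import dataclass
from pathlib import PurePosixPath
from typing import Callable, Dict, List, Tuple


@dataclass(frozen=True)
class AgentContext:
    """Identity and restrictions delegated from the calling agent to the tool."""
    agent_id: str
    scopes: frozenset          # e.g. {"files:read"}; granted per agent, not per tool
    allowed_roots: tuple       # filesystem roots this agent may touch


class ToolDenied(PermissionError):
    """Raised when the calling agent lacks the permission a tool requires."""


# Constructed in-memory file store standing in for a real tool backend.
FAKE_FS: Dict[str, str] = {
    "/srv/reports/q1.txt": "Q1 summary",
    "/srv/hr/salaries.csv": "name,salary",
}

# Every invocation decision is recorded here (feed to a SIEM in practice).
AUDIT_LOG: List[dict] = []


def _within_roots(path: str, roots: tuple) -> bool:
    """True only for absolute, traversal-free paths under one of the agent's roots."""
    p = PurePosixPath(path)
    if not p.is_absolute() or ".." in p.parts:
        return False
    return any(p == PurePosixPath(r) or PurePosixPath(r) in p.parents for r in roots)


def read_file(ctx: AgentContext, path: str) -> str:
    """Tool: read a file, confined to the calling agent's allowed roots."""
    if not _within_roots(path, ctx.allowed_roots):
        raise ToolDenied(f"{ctx.agent_id}: {path} is outside allowed roots")
    return FAKE_FS[path]


def delete_file(ctx: AgentContext, path: str) -> bool:
    """Tool: delete a file; destructive, so it needs a separate scope."""
    if not _within_roots(path, ctx.allowed_roots):
        raise ToolDenied(f"{ctx.agent_id}: {path} is outside allowed roots")
    FAKE_FS.pop(path)
    return True


# Tool registry: each tool declares the one scope it requires.
TOOLS: Dict[str, Tuple[str, Callable]] = {
    "read_file": ("files:read", read_file),
    "delete_file": ("files:delete", delete_file),
}


def invoke(ctx: AgentContext, tool_name: str, **kwargs):
    """Gateway entry point: deny by default, check the delegated scope, audit."""
    required_scope, tool_fn = TOOLS[tool_name]
    decision = "allow"
    try:
        if required_scope not in ctx.scopes:
            decision = "deny"
            raise ToolDenied(f"{ctx.agent_id} lacks scope {required_scope}")
        return tool_fn(ctx, **kwargs)
    except ToolDenied:
        decision = "deny"
        raise
    finally:
        AUDIT_LOG.append(
            {"agent": ctx.agent_id, "tool": tool_name, "args": kwargs, "decision": decision}
        )


if __name__ == "__main__":
    # A reporting agent that may only read under /srv/reports (constructed).
    reporter = AgentContext("report-bot", frozenset({"files:read"}), ("/srv/reports",))
    print(invoke(reporter, "read_file", path="/srv/reports/q1.txt"))
    for call in (("read_file", "/srv/hr/salaries.csv"),
                 ("read_file", "/srv/reports/../hr/salaries.csv"),
                 ("delete_file", "/srv/reports/q1.txt")):
        try:
            invoke(reporter, call[0], path=call[1])
        except ToolDenied as exc:
            print("denied:", exc)
    print(AUDIT_LOG)
```

The point of the layout is that the tool never holds credentials of its own: a tool shared by a reporting agent and an HR agent behaves differently for each because the scope and path restrictions travel with the caller, and a prompt-injected request to delete or read outside the caller's confinement fails at the gateway with a logged denial rather than succeeding silently.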

ATLAS ID: AML.M0028
Priority score: 25
Lifecycle stage: Deployment
Category: Technical - Cyber

Covered techniques

Attacks this defense is designed to help with.

AML.T0053 - AI Agent Tool Invocation

demonstrated

Configuring AI Agent tools with access controls inherited from the user or the AI Agent invoking the tool can limit an adversary's capabilities within a system, including their ability to abuse tool invocations and access sensitive data.

AML.T0085.001 - AI Agent Tools

demonstrated

Configuring AI Agent tools with access controls that are inherited from the user or the AI Agent invoking the tool can limit an adversary's access to sensitive data.

AML.T0101 - Data Destruction via AI Agent Tool Invocation

realized

Configuring AI Agent tools with access controls inherited from the user or the AI Agent invoking the tool can limit an adversary's capabilities within a system, including their ability to abuse tool invocations to destroy data.

AML.T0085 - Data from AI Services

demonstrated

Configuring AI Agent tools with access controls inherited from the user or the AI Agent invoking the tool can limit an adversary's access to sensitive data.

AML.T0086 - Exfiltration via AI Agent Tool Invocation

realized

Configuring AI Agent tools with access controls inherited from the user or the AI Agent invoking the tool can limit an adversary's capabilities within a system, including their ability to abuse tool invocations and exfiltrate sensitive data.

Source

Where the information on this page comes from.