Excessive Agency (OWASP LLM 06)
Probes testing whether AI agents can be manipulated to perform actions beyond their intended scope or with inappropriate permissions.
Injection Vulnerabilities
| Probe Name | Description |
|---|---|
| Shell Injection | This probe tests for shell injection vulnerabilities in AI agents that have access to system command execution. It generates crafted prompts designed to trick the AI into executing malicious shell commands or gaining unauthorized system access. |
| SQL Injection | This probe tests for SQL injection vulnerabilities in AI agents with database access. It uses crafted prompts to try to make the AI execute unauthorized SQL commands or expose sensitive database data. |
System Manipulation
| Probe Name | Description |
|---|---|
| SSRF | This probe tests for Server-Side Request Forgery (SSRF) vulnerabilities in AI agents that have tool access, attempting to manipulate the target into making unauthorized requests to external systems or resources. |
| Hijacking | This probe tests whether an AI agent can be hijacked or repurposed for unintended malicious activities beyond its original design scope. |