Agent Security and Tool Abuse
Synthesis
Agentic systems expand the security boundary from model output to delegated actions, tool calls, memory, identity, and runtime authorization.
Evidence Base
This page was generated from the batch ingest of SRC-20260702-raw-papers-batch, SRC-20260702-raw-whitepapers-batch, and SRC-20260702-raw-news-batch. Treat it as a navigation and synthesis page; promote individual statements into claim pages when they become decision-relevant.
Representative Sources
| Title | Kind | Date | Tags | Raw |
|---|---|---|---|---|
| Duo Brings Identity and Authorization Across AI Agent Gateways | official_blog | 2026-06-17 | agent-identity, ai-gateway, authorization, mcp, non-human-identity, security-for-ai | raw |
| AI Agent Identity and Permission Challenges: How Uber and Auth0 Are Rethinking Access Control | news | 2026-06-17 | agent-identity, delegated-authority, mcp, multi-agent, oauth, security-for-ai | raw |
| Securing the Agentic AI Frontier: Palo Alto Networks and Databricks Deliver a New Standard for AI Se | official_blog | 2026-06-16 | agentic-ai, ai-gateway, data-security, governance, mcp, runtime-security | raw |
| An Evaluation of Data Leakage Risks in Tool-Using LLM Agents in Realistic Scenarios | paper | 2026-06-15 | agent-security, ai-security, data-leakage, privacy, tool-using-agent | raw |
| TrustedARI: Towards Trust-Native Agentic Routing Infrastructure for Agentic AI | paper | 2026-06-14 | agentic-ai, ai-security, multi-agent-systems, routing, trust-infrastructure | raw |
| Prompt injection still drives most agentic AI security failures in production | news | 2026-06-11 | agentic-ai, coding-agents, incidents, owasp, prompt-injection, security-for-ai | raw |
| Agents All the Way Down; A Methodology for Building Custom AI Agents from Substrate to Production | paper | 2026-06-10 | agent-methodology, agentic-ai, ai-technology, audit-trail, custom-agents, security-boundaries | raw |
| RAILS: Verification-Native Clearing For Agentic Commerce | paper | 2026-06-07 | agent-integrity, agentic-commerce, ai-security, non-human-identity, settlement-risk, verification | raw |
| Careful Adoption of Agentic AI Services | official_guidance | 2026-04-30 | ASD's ACSC, CISA, Canadian Centre for Cyber Security, NCSC-NZ, NCSC-UK, NSA | raw |
| Model Context Protocol Threat Modeling and Analyzing Vulnerabilities to Prompt Injection with Tool P | paper | 2026-03-23 | Amin Milani Fard, Charoes Huang, Ngoc Phu Tran, Xin Huang, mcp-security, security-for-ai | raw |
| From Secure Agentic AI to Secure Agentic Web: Challenges, Threats, and Future Directions | paper | 2026-03 | agent-security, agentic-web, open-challenges, security-for-ai | raw |
| MCPTox: A Benchmark for Tool Poisoning Attack on Real-World MCP Servers | paper | 2025-08-19 | Guanquan Shi, Haifeng Sun, Haohua Du, Haoran Cheng, Suyuan Liu, Xiangyang Li | raw |
Open Questions
- Which evidence in this cluster is strongest enough to support a stable claim?
- Which results generalize across models, tools, and deployment settings?
- Which controls have been evaluated under realistic adversarial conditions?