CCC.GenAI.CN06: Least Privilege for Plugins
Control ID: CCC.GenAI.CN06
Title: Least Privilege for Plugins
Objective: Restricts the permissions of any external tool the GenAI system can call, so that the potential damage is limited if an agent is coerced into performing unintended actions or if vulnerabilities in the tools themselves are exploited.
Control Family: Identity and Access Management
Related Threats
| ID | Title | Description | External Mappings (count) | Capability Mappings (count) | Control Mappings (count) |
|---|---|---|---|---|---|
| CCC.GenAI.TH06 | Unintended Action by a Model-Based Agent | A model-based agent, given the authority to execute tools or interact with APIs, may perform an action that is harmful, incorrect, or not aligned with the user's true intent in response to a prompt. This can be caused by the model misinterpreting an ambiguous prompt or being manipulated by an adversary into misusing its delegated authority. | 4 | 1 | 0 |
| CCC.GenAI.TH07 | Insecure Plugin | A plugin integrated with a GenAI model may contain vulnerabilities such as poor input validation or improper access control. An adversary may exploit these flaws by crafting a prompt that causes the model to pass a malicious payload to the plugin, potentially leading to system compromise, data exfiltration or privilege escalation. | 3 | 1 | 0 |
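The following is an added example, not part of the CCC control text, showing one way to enforce this control in a tool-calling dispatcher so that both threats above are contained: each plugin declares the permissions it needs and a validator for every argument, each agent session is granted an explicit permission set, and a model-issued call runs only when the grant covers the tool's requirements and every argument passes validation (deny by default otherwise). The tool names, permission strings, stub plugins, URL and ticket-ID validators, and the coerced call sequence are all constructed for illustration and are not from the page.

```python
"""Added example: least-privilege dispatch of model-issued tool calls.
Everything here (tool names, permission strings, validators, stubs) is
hypothetical, constructed to illustrate CCC.GenAI.CN06."""
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


class ToolPolicyError(Exception):
    """Raised when a call violates the session's least-privilege policy."""


@dataclass(frozen=True)
class ToolSpec:
    name: str
    required_perms: frozenset                         # permissions a caller must hold
    arg_schema: Dict[str, Callable[[object], bool]]   # argument name -> validator
    handler: Callable[..., str]                       # the plugin itself


@dataclass
class Session:
    user: str
    granted: frozenset                                # explicit grant for this agent session
    audit: List[Tuple[str, str, str]] = field(default_factory=list)


# Validators (assumed). The URL check is only a coarse scheme/host filter; a real
# fetch plugin should also resolve the host and block private/metadata ranges.
def is_https_url(v) -> bool:
    return isinstance(v, str) and re.fullmatch(
        r"https://[a-z0-9.-]+\.[a-z]{2,}(/[^\s]*)?", v) is not None


def is_ticket_id(v) -> bool:
    return isinstance(v, str) and re.fullmatch(r"TCK-\d{1,6}", v) is not None


# Constructed plugin stubs standing in for real integrations.
def web_fetch(url: str) -> str:
    return f"fetched {url}"


def read_ticket(ticket_id: str) -> str:
    return f"contents of {ticket_id}"


def delete_ticket(ticket_id: str) -> str:
    return f"deleted {ticket_id}"


REGISTRY: Dict[str, ToolSpec] = {s.name: s for s in (
    ToolSpec("web_fetch", frozenset({"net:read"}), {"url": is_https_url}, web_fetch),
    ToolSpec("read_ticket", frozenset({"tickets:read"}), {"ticket_id": is_ticket_id}, read_ticket),
    ToolSpec("delete_ticket", frozenset({"tickets:write"}), {"ticket_id": is_ticket_id}, delete_ticket),
)}


def dispatch(session: Session, call: dict) -> str:
    """Run one model-issued call only if the grant covers the tool's required
    permissions and every argument is present, expected, and valid."""
    name = call.get("tool")
    spec = REGISTRY.get(name)
    if spec is None:                                  # unregistered tool: deny by default
        session.audit.append((str(name), "deny", "unknown tool"))
        raise ToolPolicyError(f"unknown tool {name!r}")
    missing = spec.required_perms - session.granted
    if missing:                                       # TH06: action beyond delegated authority
        session.audit.append((name, "deny", f"missing {sorted(missing)}"))
        raise ToolPolicyError(f"{name}: session lacks {sorted(missing)}")
    args = call.get("args") or {}
    if set(args) != set(spec.arg_schema):             # reject extra or missing arguments
        session.audit.append((name, "deny", "argument set mismatch"))
        raise ToolPolicyError(f"{name}: unexpected or missing arguments")
    for key, validator in spec.arg_schema.items():    # TH07: payload never reaches plugin
        if not validator(args[key]):
            session.audit.append((name, "deny", f"invalid {key}"))
            raise ToolPolicyError(f"{name}: argument {key!r} rejected")
    result = spec.handler(**args)
    session.audit.append((name, "allow", "ok"))
    return result


def run_calls(session: Session, calls: List[dict]) -> List[Tuple[str, str]]:
    """Dispatch a sequence of calls; return (tool, allow|deny) per call."""
    outcomes = []
    for call in calls:
        try:
            dispatch(session, call)
            outcomes.append((call["tool"], "allow"))
        except ToolPolicyError:
            outcomes.append((str(call.get("tool")), "deny"))
    return outcomes


# Constructed scenario: a read-only support assistant whose model has been
# steered by an injected prompt into destructive and SSRF-style calls.
READ_ONLY = frozenset({"net:read", "tickets:read"})
COERCED_CALLS = [
    {"tool": "read_ticket", "args": {"ticket_id": "TCK-1042"}},                 # legitimate
    {"tool": "delete_ticket", "args": {"ticket_id": "TCK-1042"}},               # beyond grant
    {"tool": "web_fetch", "args": {"url": "file:///etc/passwd"}},               # payload to plugin
    {"tool": "web_fetch", "args": {"url": "http://169.254.169.254/latest/"}},   # metadata endpoint
    {"tool": "web_fetch", "args": {"url": "https://example.com/kb", "headers": {"X": "y"}}},  # extra arg
    {"tool": "shell", "args": {"cmd": "id"}},                                   # unregistered tool
    {"tool": "web_fetch", "args": {"url": "https://example.com/kb/article-7"}}, # legitimate
]


def demo() -> List[Tuple[str, str]]:
    return run_calls(Session(user="support-bot", granted=READ_ONLY), COERCED_CALLS)


if __name__ == "__main__":
    for tool, outcome in demo():
        print(f"{tool:14s} {outcome}")
```

Two of the seven calls are allowed; the delete attempt fails on the permission check even though the ticket ID is well formed, and the `file://` and metadata-endpoint URLs are rejected before the fetch plugin ever sees them. The grant is attached to the session rather than to the model, so a prompt cannot widen it; in a deployment the plugin handlers would additionally run under their own scoped credentials (a read-only API token, a sandboxed interpreter) so that a bug inside a plugin cannot reach beyond what the dispatcher already allowed.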
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.GenAI.CP25 | Plugin Integrations | Ability for the model to use tools to complete a model interaction. For example web search, python code execution or external maths engine. |
Guideline Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
| SAIF | Agent Permissions | 0 | - |