Mitigation

AML.M0030: Restrict AI Agent Tool Invocation on Untrusted Data

What it is

Untrusted data can contain prompt injections that invoke an AI agent's tools, potentially causing confidentiality, integrity or availability violations. It is recommended that tool invocation be restricted or limited when untrusted data enters the LLM's context. The degree to which tool invocation is restricted may depend on the potential consequences of the action. Consider blocking the automatic invocation of tools or requiring user confirmation once untrusted data enters the LLM's context. For high consequence actions, consider always requiring user confirmation.
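The policy above, as an added example written for this page (not code from ATLAS or the cs-graph corpus): a gate that records when untrusted data enters the agent's context, tiers each tool by the consequence of its action, and always requires confirmation for high-consequence tools. Tool names and tiers are assumed for illustration; tool outputs are treated as untrusted data in turn.

```python
from dataclasses import dataclass, field
from enum import Enum

class Tier(Enum):            # potential consequence of a tool's action
    LOW = "low"              # read-only, reversible (e.g. a document search)
    MEDIUM = "medium"        # changes state the user owns (e.g. edits a ticket)
    HIGH = "high"            # irreversible or external effect (e.g. sends an email)

class Decision(Enum):
    ALLOW = "allow"          # invoke automatically
    CONFIRM = "confirm"      # invoke only after explicit user confirmation
    BLOCK = "block"          # do not invoke

# Hypothetical tool registry; names and tiers are assumed for illustration.
TOOLS = {"search_docs": Tier.LOW, "update_ticket": Tier.MEDIUM, "send_email": Tier.HIGH}

@dataclass
class AgentContext:
    """Records whether untrusted data has entered the LLM's context, and from where."""
    tainted: bool = False
    taint_sources: list = field(default_factory=list)

    def ingest(self, text: str, source: str, trusted: bool = False) -> str:
        if not trusted:      # web pages, emails, files and tool outputs are all untrusted
            self.tainted = True
            self.taint_sources.append(source)
        return text

def gate(ctx: AgentContext, tool: str):
    """Decide how a tool call may proceed from the tool's tier and the context's taint."""
    tier = TOOLS.get(tool)
    if tier is None:
        return Decision.BLOCK, f"unknown tool {tool!r}"
    if tier is Tier.HIGH:
        return Decision.CONFIRM, "high-consequence action always requires confirmation"
    if ctx.tainted:
        return Decision.CONFIRM, f"untrusted data in context from {ctx.taint_sources}"
    return Decision.ALLOW, "no untrusted data in context"

def invoke(ctx: AgentContext, tool: str, args: dict, confirm=None):
    """Apply the gate. With no human to ask (confirm is None), CONFIRM degrades to BLOCK."""
    decision, reason = gate(ctx, tool)
    approved = decision is Decision.CONFIRM and confirm is not None and confirm(tool, args, reason)
    if decision is Decision.ALLOW or approved:
        # A real agent would dispatch the tool here; its output is untrusted data in turn.
        ctx.ingest(f"<output of {tool}>", source=tool)
        return True, f"ran {tool}({args})"
    return False, f"refused {tool}: {reason}"
```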

References

  1. https://atlas.mitre.org/mitigations/AML.M0030

Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.