AI Agent Security — Attacks, Jailbreaking, and Defense · Agent Security with Tools and MCP
OWASP LLM06:2025 Excessive Agency — three dimensions: function, permission, autonomy
Agent Security with Tools and MCP
Introduction
OWASP LLM06:2025 Excessive Agency is a risk category in the OWASP Top 10 for LLM Applications (2025 edition). It describes an LLM-based agent that has been granted more capability to act than its task requires: too many tools (OWASP calls this excessive functionality), too broad system permissions (excessive permissions), or too much freedom to act without a human confirming the decision (excessive autonomy). The danger is that any input that steers the model, such as a prompt injection in a retrieved document, or a plain model error, can then be turned into a damaging action. This lesson breaks the category into three orthogonal dimensions (function, permission, autonomy), examines how they interact, walks through attack scenarios, and gives concrete mitigations.
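To make the three dimensions concrete before the lesson discusses them individually, here is an added example (not code from the lesson or from any real agent framework) of a tool-call gate that checks each dimension separately: a function allowlist, a permission-scope check, and a human-approval requirement for destructive actions. The tool names, scope strings and both policies are constructed for illustration.

```python
"""Added example: a tool-call gate enforcing the three dimensions of
OWASP LLM06:2025 Excessive Agency. Tool names, scopes and policies are
hypothetical; they do not come from the lesson or any real framework."""
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"
    DENY_FUNCTION = "deny: tool not in the agent's function allowlist"
    DENY_PERMISSION = "deny: tool needs a scope the agent was not granted"
    NEEDS_APPROVAL = "hold: destructive action requires human approval"


@dataclass(frozen=True)
class Tool:
    name: str
    required_scopes: frozenset    # permission dimension: what the tool needs
    destructive: bool = False     # autonomy dimension: irreversible side effect


@dataclass(frozen=True)
class AgentPolicy:
    allowed_tools: frozenset      # function dimension: what the agent may call
    granted_scopes: frozenset     # permission dimension: what the agent may do
    auto_approve_destructive: bool = False  # autonomy: True is the risky setting


# Constructed tool registry (hypothetical MCP-style tools for the example).
REGISTRY = {
    "search_docs": Tool("search_docs", frozenset({"docs:read"})),
    "read_file":   Tool("read_file", frozenset({"fs:read"})),
    "delete_file": Tool("delete_file", frozenset({"fs:write"}), destructive=True),
    "send_email":  Tool("send_email", frozenset({"mail:send"}), destructive=True),
}


def gate_tool_call(policy: AgentPolicy, tool_name: str,
                   human_approved: bool = False) -> Decision:
    """Decide whether a model-requested tool call may execute.

    Checks run in order of increasing cost and decreasing severity:
    function allowlist, then permission scopes, then the autonomy check.
    """
    # Function dimension: unknown or unlisted tools are denied outright.
    tool = REGISTRY.get(tool_name)
    if tool is None or tool_name not in policy.allowed_tools:
        return Decision.DENY_FUNCTION
    # Permission dimension: every scope the tool needs must have been granted.
    if not tool.required_scopes <= policy.granted_scopes:
        return Decision.DENY_PERMISSION
    # Autonomy dimension: destructive calls need a human in the loop unless
    # the policy explicitly (and unwisely) waives that.
    if tool.destructive and not (human_approved or policy.auto_approve_destructive):
        return Decision.NEEDS_APPROVAL
    return Decision.ALLOW


# The anti-pattern: excessive on all three axes. A single prompt injection
# reaching this agent can delete files or send mail with no human check.
EXCESSIVE = AgentPolicy(
    allowed_tools=frozenset(REGISTRY),
    granted_scopes=frozenset({"docs:read", "fs:read", "fs:write", "mail:send"}),
    auto_approve_destructive=True,
)

# Least privilege for a read-only documentation assistant: two tools,
# read-only scopes, and destructive actions never auto-approved.
LEAST_PRIVILEGE = AgentPolicy(
    allowed_tools=frozenset({"search_docs", "read_file"}),
    granted_scopes=frozenset({"docs:read", "fs:read"}),
)


if __name__ == "__main__":
    for name in REGISTRY:
        print(f"{name:12} excessive={gate_tool_call(EXCESSIVE, name).name:15} "
              f"least_privilege={gate_tool_call(LEAST_PRIVILEGE, name).name}")
```

The point of keeping the three checks separate is that each one fails independently: removing `delete_file` from the allowlist stops the call even if `fs:write` was granted, and granting only read scopes stops it even if the tool is listed, while the approval gate is the last line of defense when both of the first two have been set too loosely.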