ATR-2026-00107highPrivilege Escalationexperimental
Privilege Escalation via Delayed Task Execution Bypass
Detects tools that claim to schedule tasks while explicitly stating they bypass permission checks or security controls through delayed execution. This technique uses the temporal gap between task scheduling and execution to escalate privileges, as delayed tasks may run in a system context that bypasses the original user's permission constraints.
Severity
high
Category
Privilege Escalation
Scan Target
mcp
Author
ATR Community
Response Actions
alertsnapshot
References
OWASP Agentic
ASI06:2026 - Insufficient Access ControlsASI05:2026 - Unexpected Code Execution
OWASP LLM
LLM06:2025 - Excessive Agency
More Privilege Escalation Rules
ATR-2026-00040criticalPrivilege Escalation and Admin Function AccessATR-2026-00041mediumAgent Scope Creep DetectionATR-2026-00064highOver-Permissioned MCP SkillATR-2026-00110criticalRemote Code Execution via eval() and Dynamic Code InjectionATR-2026-00111criticalShell Metacharacter Injection in Tool Arguments