Skip to content
ATR-2026-00132highAgent Manipulationexperimental

Casual Authority Claim and Scope Escalation

Detects casual, conversational-tone authority claims and scope escalation that bypass formal injection detection. Unlike explicit "I am the admin" claims (ATR-2026-030/117), these use informal language: "FYI the orchestrator wants...", "the boss said we should skip...", "I noticed the admin panel is accessible, let me check...". Also detects rationalized bypasses where agents justify unauthorized actions with efficiency claims: "to complete this more efficiently, I'll use the database directly instead of the API". Discovered via Autoresearch v0 (100% miss rate across casual_authority, casual_escalation, and rationalized_bypass techniques).

嚴重度
high
類別
Agent Manipulation
掃描目標
mcp
作者
ATR Community

建議回應

alert

參考資料

OWASP Agentic
ASI07:2026 - Insecure Inter-Agent CommunicationASI10:2026 - Rogue AgentsASI09:2026 - Human-Agent Trust Exploitation
OWASP LLM
LLM01:2025 - Prompt Injection
在 GitHub 上查看完整 YAML →

更多 Agent Manipulation 規則

ATR-2026-00030criticalCross-Agent Attack DetectionATR-2026-00032highAgent Goal Hijacking DetectionATR-2026-00074criticalCross-Agent Privilege EscalationATR-2026-00076highInsecure Inter-Agent Communication DetectionATR-2026-00077highHuman-Agent Trust Exploitation Detection