AGENTFORCE-1.3: Target Context Privilege Analysis
๐ด High ยท Privilege Escalation
Apex classes invoked by Agentforce actions must enforce sharing rules. A class running 'without sharing' bypasses org-level record access controls, allowing the AI agent to access or modify records the current user shouldn't see. Prefer 'with sharing' or 'inherited sharing' for all agent-invoked classes.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-1.3 |
| Severity | High |
| Category | Privilege Escalation |
| Compliance | SOC2_CC6, NIST_AI_RMF |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to AGENTFORCE-1.3.