AGENTFORCE-11.2: Time-Window Privilege Drift
๐ด High ยท Autonomous Scheduling
Detects Scheduled Apex classes invoked by agent actions that declare 'without sharing' and perform DML. Time-triggered jobs run as the enqueuing user or System context, creating a non-interactive privilege escalation window.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-11.2 |
| Severity | High |
| Category | Autonomous Scheduling |
| Compliance | SOC2_CC6, SOC2_CC7 |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to AGENTFORCE-11.2.