AGENTFORCE-20.2: Unconstrained ModifyAllData in Agent Context
🚨 Critical · Excessive Agency
Detects agent actions configured to run in system context (ModifyAllData equivalent), granting the LLM planner org-wide data access without user-scope constraints. v1 detection flags 'system' runningContext on GenAiFunction and ActionDef nodes.
Details
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-20.2 |
| Severity | Critical |
| Category | Excessive Agency |
| Compliance | SOC2_CC6, NIST_AI_RMF, EU_AI_ACT_HIGH_RISK |
Remediation
Refer to the SquireX documentation for remediation guidance specific to AGENTFORCE-20.2.