AGENTFORCE-31.1: Autonomous Without-Sharing Escalation (Deep)

🚨 Critical · Graph: Privilege Escalation Path

[Enterprise] Detects 4-hop privilege escalation: a guest/Community-accessible agent topic whose action targets a System-mode Flow that invokes a without sharing Apex class. The rule traces the full cross-boundary escalation that single-hop scanners miss.

Details

Field	Value
Rule ID	AGENTFORCE-31.1
Severity	Critical
Category	Graph: Privilege Escalation Path
Compliance	SOC2_CC6, NIST_AI_RMF

Remediation

Refer to the SquireX documentation for remediation guidance specific to AGENTFORCE-31.1.

See Also

• Rule catalog index
• SquireX scan documentation