https://stackresearch.org/tags/least-privilege/Recent content in Least Privilege on Stack ResearchHugoen-usSun, 29 Mar 2026 00:00:00 +0000https://stackresearch.org/research/agent-security-is-a-release-engineering-problem/Sun, 29 Mar 2026 00:00:00 +0000https://stackresearch.org/research/agent-security-is-a-release-engineering-problem/<p>On Tuesday, the agent reads a note.</p> <p>The note may be a webpage, a support transcript, a tool result, a migration record, or a line in a document somebody thought was harmless. Nothing dramatic happens. The session ends. The operator closes the tab. The team ships two other changes before lunch: a prompt tweak, a small retrieval adjustment, a new tool scope for a staging workflow.</p> <p>On Friday, the same system takes a different task. It answers a planning question, prepares a runbook, suggests a deployment path, or reaches for a tool under a credential it did not have on Tuesday. What matters is not the moment the bad state entered. What matters is that it survived.</p>https://stackresearch.org/research/nhi-asi-series-02-least-privilege-least-agency/Sat, 14 Feb 2026 00:00:00 +0000https://stackresearch.org/research/nhi-asi-series-02-least-privilege-least-agency/<p>A tool can look small from the agent&rsquo;s side and be large from the identity side.</p> <p>The interface says <code>lookup_order</code>. The agent sees a narrow verb: retrieve the order, summarize the status, maybe explain why a shipment is late. Underneath that verb, a service account authenticates to the CRM. It can read orders, update customer records, issue refunds, change shipping addresses, and export account history because those scopes made the first integration easy to ship.</p>