NHI and Agentic Risk: Third-Party Tools
Every tool an agent invokes runs someone else's code with your credentials. That is the supply-chain problem.
Articles connected to this term.
When people use machine credentials, intent is blurred and audit trails break. Agents make that ambiguity harder to contain.
Reused identities and weak environment isolation turn local agent incidents into systemic failures.
Leaked secrets become durable agent context. That is why a credential incident can outlive rotation.
A sanitized regression case where dangerous text crossed an agent boundary, appeared in a customer-facing draft, and became a permanent ASI02 test.
Over-scoped identities turn harmless tools into high-impact actions. The agent is rarely the root problem.
Agent incidents often begin as ordinary non-human identity failures. This opener maps OWASP NHI risks to agentic AI systems and explains why identity controls define the reachable tool surface.