OWASP's Excessive Agency entry is required reading for agent teams

The 2025 OWASP Top 10 for LLM Applications added LLM06: Excessive Agency — the risk that an agent can take a consequential action because it holds more permission, functionality, or autonomy than its task actually requires. It maps almost one-to-one onto the failures behind the incidents we track: an agent with write access it never needed, an irreversible action with no human gate.

It's the clearest external articulation of the exposure Auly scores at the authority and permission-scoping layers. If you deploy agents, it's worth reading in full — see OWASP's Top 10 for LLM Applications 2025.