§42 · Lane 8 — Agent Infrastructure Standards & Toolchain
OWASP Top 10 for Agentic Applications: community-curated failure-mode list for agentic AI
OWASP Gen AI Security Project (2026) · OWASP Agentic Top 10
Bibliographic data
- Title: OWASP Top 10 for Agentic Applications (2026)
- Authors / Issuing body: OWASP Foundation — OWASP Gen AI Security Project
- Venue / Publisher: OWASP Foundation
- Year: 2026
- Designation: Standards Framework
- Licence: CC BY-SA 4.0 — refer to publisher for full licence terms.
How to cite
OWASP Gen AI Security Project (2026). OWASP Top 10 for Agentic Applications (2026). OWASP Foundation. https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/.
OWASP enumeration of the ten most critical security risks for autonomous and agentic AI systems that plan, act and make decisions across workflows. The entries run from ASI01 Agent Goal Hijack through ASI10 Rogue Agents.
Why it matters for NETEVO
The OWASP Top 10 for Agentic Applications, published in December 2025, is the first community-curated agentic-AI failure-mode list, developed with more than 100 industry experts. It establishes a shared public vocabulary for the security risks specific to AI systems that plan, act and make decisions across workflows.
Two entries bear directly on delegated agent authority. ASI01 Agent Goal Hijack — the agent is redirected from its assigned objective — and ASI03 Identity and Privilege Abuse — the agent acts with authority it should not hold — together describe the failure pattern NETEVO terms the Implicit Authority Cascade (IAC). A third — ASI06 Memory and Context Poisoning — sits adjacent, where the cascade is realised through persisted context rather than a live prompt.
The list also gives public expression to the boundary that Bounded SaaS / Unbounded Agents describes. ASI02 Tool Misuse and Exploitation covers the failure mode in which the agent's unbounded reach extends through tools the SaaS layer expected to constrain, and ASI04 Agentic Supply Chain Vulnerabilities covers the failure mode in which the bounded SaaS layer is compromised through agent-mediated upstream weaknesses.
Where NETEVO applies this
- Agent Infrastructure Whitepaper — load-bearing — primary anchor for agentic failure modes ASI01-ASI10