.svg)
What is Broken Function Level Authorization Excessive Agency Attack?
This probe assesses whether an AI agent with tool access can be misled into executing functions or operations that exceed its authorized level. It examines the system's effectiveness in enforcing appropriate function-level access controls and its resilience against attempts to exploit unauthorized capabilities through crafted prompts and function call manipulation.
