DARR
MR-020 | Security & adversarial | System scope

Insecure integration with external tools, plugins and APIs

Connecting the system to external tools, plugins or APIs introduces injection, data-exfiltration, sandbox-escape and unintended-action vectors.

Risk family: Security & adversarial
MIT domain: 7. AI System Safety, Failures, & Limitations
MIT subdomain: 7.2 > AI possessing dangerous capabilities
AI type: GPAI, Agentic
Scope: System
Source standard: MIT AI Risk Repository v4

Provenance

Source standard: MIT AI Risk Repository v4
Source frameworks: Anwar2024, Cui2024, Gipiškis2024, Tse2025
ISO/IEC references: 23894 obj A.11; src 9, 10; mech B.6 | 42001 ctrl A.6.2.5, A.10.3

Framework crosswalk

Every framework item mapped to this risk is listed below. Items marked partial overlap with the risk only in part.

Sources (frameworks that contributed to the register)

ISO 23894
  • A.11 (ISO/IEC 23894 Annex A)
ISO 42001
  • A.10.3 (ISO/IEC 42001 Annex A)
  • A.6.2.5 (ISO/IEC 42001 Annex A)

Cross-checks (frameworks mapped in to test coverage)

IBM
  • ibm-attack-on-ai-agents-external-resources: Attack on AI agents' external resources
Cisco
  • AISubtech-12.1.1 Parameter Manipulation
  • AISubtech-12.1.2 Tool Poisoning
  • AISubtech-12.1.3 Unsafe System / Browser / File Execution
  • AISubtech-12.1.4 Tool Shadowing
NIST AML
  • NISTAML.039 Compromising connected resources
OWASP LLM
  • LLM05:2025 Improper Output Handling (partial)
  • LLM06:2025 Excessive Agency
OWASP Agentic
  • ASI02 Tool Misuse and Exploitation

Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.