Insecure integration with external tools, plugins and APIs
Connecting the system to external tools/plugins/APIs introduces injection, data-exfiltration, sandbox-escape, or unintended-action vectors.
- Risk family: Security & adversarial
- MIT domain: 7. AI System Safety, Failures, & Limitations
- MIT subdomain: 7.2 > AI possessing dangerous capabilities
- AI type: GPAI, Agentic
- Scope: System
- Source standard: MIT AI Risk Repository v4
Provenance
Framework crosswalk
Every framework item mapped to this risk is listed below; items marked partial overlap with this risk only in part.
- A.11 ISO/IEC 23894 Annex A A.11
- A.10.3 ISO/IEC 42001 Annex A A.10.3
- A.6.2.5 ISO/IEC 42001 Annex A A.6.2.5
- ibm-attack-on-ai-agents-external-resources Attack on AI agents' external resources
- AISubtech-12.1.1 Parameter Manipulation
- AISubtech-12.1.2 Tool Poisoning
- AISubtech-12.1.3 Unsafe System / Browser / File Execution
- AISubtech-12.1.4 Tool Shadowing
- NISTAML.039 Compromising connected resources
- LLM05:2025 Improper Output Handling (partial)
- LLM06:2025 Excessive Agency
- ASI02 Tool Misuse and Exploitation
Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0.