
Agent-ingress zero-trust guardrails

CCC.MARefArc.CP05

Treats all inputs as untrusted and enforces authentication, authorization, input validation, content filtering, access control, rate limits, and dynamic policy before any request reaches an agent.

Related Threats

| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.TH11 | Direct prompt injection overrides guardrails | An actor interacting through the application crafts inputs that override system prompts, bypass safety guardrails, or coerce disclosure, requiring no special privileges and exploiting any gap in ingress and model-interaction guardrails. |
| CCC.MARefArc.TH25 | Non-compliant outputs and model-risk-management gaps | AI-generated advice, marketing, or communications that fail KYC, suitability, disclosure, record-keeping, or model-risk-management expectations create regulatory exposure; weak supervision and accountability lines turn this into direct non-compliance. |
| CCC.MARefArc.TH26 | Intellectual-property leakage and licensing violations | Outputs may replicate copyrighted training material, employees may leak trade secrets into AI tools, and improper platform licensing or terms-of-service violations create contractual and legal liability. |