Agents are used beyond their validated scope as users discover new applications, or as systems are repurposed without re-evaluation, producing unreliable outputs in untested contexts; weak registry scoping and orchestration boundaries accelerate the drift.
Model overreach and scope creep beyond validated use
CCC.MARefArc.TH14
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CP06 | Agent collaboration and orchestration patterns | Supports supervisor/worker decomposition, skills-based routing, and agent-as-a-tool handoff for decomposing and executing complex tasks across multiple agents. |
| CCC.MARefArc.CP03 | Agent registry and lifecycle management | Catalog of available agents with their capabilities, metadata, and configuration, supporting versioning, lifecycle management, and controlled onboarding of new agents. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CN02 | User, Application, and Model Firewalling | Establish enforced trust boundaries between the user, the application, and the models and tools by routing all traffic through the agent, LLM, and MCP gateways where guardrails inspect and constrain requests and responses. |
| CCC.MARefArc.CN10 | AI Firewall Implementation and Management | Implement and operate an AI firewall within the guardrail components that inspects prompts, content, and responses for injection, sensitive data, and policy violations. |
| CCC.MARefArc.CN11 | Agent Authority Least Privilege Framework | Constrain each agent's authority to the minimum set of tools, APIs, and data required for its task, enforced by the runtime and MCP guardrails, and prevent permission creep during operation. |
| CCC.MARefArc.CN17 | AI System Observability | Instrument every layer to emit logs, traces, metrics, and events to the Observability Layer so that behaviour, drift, availability, and data handling are continuously visible and auditable. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| air-vec | AIR-OP-018 | |