AI agents and security: which risks and how to manage them?
AI agents with tool access widen the attack surface: prompt injection, permission misuse and data leaks. Management requires least privilege, isolation, monitoring and human confirmation for sensitive actions — overlapping with NIS2 and the Cyber Resilience Act.
Short answer: An AI agent with tool access is more powerful and more risky than a chatbot: it can call systems and act. That widens the attack surface — think prompt injection, permission misuse and data leaks. Management revolves around least privilege, isolation, monitoring and human confirmation for sensitive actions.
The main risks
- Prompt injection: malicious instructions hidden in data, email or web content the agent processes, causing it to take unintended actions.
- Permission misuse: an agent with overly broad rights can, on error or manipulation, do more damage than intended.
- Data leaks: sensitive data the agent carries to external models or tools.
- Chain and vendor risk: the agent relies on model, cloud and tool providers; their weakness becomes yours.
Controls
Apply least privilege (only the tools and data needed), isolate sensitive systems behind explicit confirmation, and validate input the agent processes. Build monitoring and logging so anomalous behaviour stands out and is traceable. Never let irreversible or externally visible actions happen without a human or a hard boundary. For high-risk applications this aligns with the requirement of robustness and cybersecurity (AI Act art. 15).
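The controls above can be enforced in one gate that sits between the agent and its tools. The following is an added example, not code from any agent framework: it gives each agent an allow-list of tools (least privilege), validates arguments before use (here, outbound mail only to an assumed internal domain, so injected instructions cannot exfiltrate data), requires a human confirmation hook for irreversible or externally visible tools, and records every decision in an audit list. All tool and agent names are hypothetical.

```python
"""Policy gate for an AI agent's tool calls (constructed example, hypothetical API)."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

SENSITIVE_TOOLS = {"send_email", "delete_record"}  # irreversible or externally visible
INTERNAL_DOMAIN = "example.com"                    # assumed internal mail domain


@dataclass
class AgentPolicy:
    allowed_tools: frozenset                 # least privilege: only what this agent needs
    confirm: Callable[[str, dict], bool]     # human-in-the-loop hook for sensitive tools
    audit: List[dict] = field(default_factory=list)  # every decision is logged


def validate_args(tool: str, args: dict) -> Optional[str]:
    """Return a rejection reason, or None if the arguments are acceptable."""
    if tool == "send_email" and not args.get("to", "").endswith("@" + INTERNAL_DOMAIN):
        return "external_recipient"          # data-leak control on outbound mail
    if tool == "delete_record" and not isinstance(args.get("id"), int):
        return "bad_record_id"
    return None


def gate_tool_call(policy: AgentPolicy, tool: str, args: dict, tools: Dict[str, Callable]) -> str:
    """Decide, record and (only if allowed) execute the agent's requested tool call."""
    decision = "ok"
    if tool not in policy.allowed_tools:
        decision = "denied:not_allowed"
    elif (reason := validate_args(tool, args)) is not None:
        decision = "denied:" + reason
    elif tool in SENSITIVE_TOOLS and not policy.confirm(tool, args):
        decision = "denied:unconfirmed"
    policy.audit.append({"tool": tool, "args": args, "decision": decision})
    if decision == "ok":
        tools[tool](**args)
    return decision


def demo() -> List[str]:
    """Constructed scenario: a support agent processing a ticket that carries an injected instruction."""
    executed = []
    tools = {
        "read_ticket": lambda id: executed.append(("read_ticket", id)),
        "send_email": lambda to, body: executed.append(("send_email", to)),
        "delete_record": lambda id: executed.append(("delete_record", id)),
    }
    # This agent may read tickets and mail internally; deleting records is not its job.
    policy = AgentPolicy(frozenset({"read_ticket", "send_email"}), confirm=lambda t, a: False)
    return [
        gate_tool_call(policy, "read_ticket", {"id": 42}, tools),                               # ok
        gate_tool_call(policy, "send_email", {"to": "someone@external.test", "body": "x"}, tools),  # leak blocked
        gate_tool_call(policy, "send_email", {"to": "ops@example.com", "body": "x"}, tools),    # needs a human
        gate_tool_call(policy, "delete_record", {"id": 42}, tools),                             # outside scope
    ]
```

The `confirm` callable is where a real deployment would pause for a person; returning `False` by default means a sensitive action is never taken silently.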
Overlap with NIS2 and CRA
If you fall under NIS2, AI agents belong in your risk-management and supply-chain measures. If you supply or use products with digital elements, the Cyber Resilience Act may apply. Do not treat agent security in isolation, but as part of your existing cyber and supply-chain policy.
Read also: AI agent governance checklist and Human oversight of AI agents.
Sources
- Regulation (EU) 2024/1689 (AI Act), accuracy, robustness and cybersecurity (art. 15) for high-risk systems: https://eur-lex.europa.eu/eli/reg/2024/1689/oj
- Directive (EU) 2022/2555 (NIS2), security and supply-chain measures: https://eur-lex.europa.eu/eli/reg/2022/2555/oj