Alerts
Info | Warning | 2025-03-31

WARNING: AI-Agent Tool Access Creates an Undocumented Security Perimeter

AI agents increasingly combine model outputs with applications, APIs and execution tools, creating an effective security perimeter that traditional asset inventories may not capture.

Supply-chain organizations should document which systems each agent can reach, which actions it may perform on them, and how those permissions are reviewed, revoked and audited.

More details are available in the NIST analysis.

The Dataleo angle

Agent governance should focus on capabilities and permitted actions, not only on the underlying model.
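One way to make the recommendation above concrete is to keep the per-agent inventory (systems, permitted actions, parameter scope, owner, review deadline) as a machine-readable manifest and enforce it at the tool-call boundary, recording every decision for audit. The example below is added here and is not code from the alert, from NIST or from any agent framework; the manifest format, the agent name `invoice-triage-agent`, the systems `erp` and `email`, and the `ToolGate` class are all constructed for illustration. It also shows the two lifecycle controls the alert names: a grant can be revoked without editing the manifest, and an agent whose permission review is overdue is denied until the review happens.

```python
# Added example: a capability manifest enforced at the tool-call boundary.
# Manifest format, agent/system names and the ToolGate class are constructed
# for illustration; they are not from NIST or any particular agent framework.
import fnmatch
import json
from dataclasses import dataclass
from datetime import date

# Constructed inventory: per agent, the systems it may reach, the actions it may
# take on each, optional parameter constraints, an owner and a review deadline.
AGENT_MANIFEST = {
    "invoice-triage-agent": {
        "owner": "ap-team@example.invalid",
        "review_due": "2025-06-30",
        "grants": [
            {"system": "erp", "actions": ["read_invoice", "flag_invoice"]},
            {"system": "email", "actions": ["send"],
             "params": {"to": "*@example.invalid"}},
        ],
    },
}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def inventory(manifest):
    """Flatten the manifest into sorted (agent, system, action) rows for review."""
    rows = []
    for agent, entry in manifest.items():
        for grant in entry["grants"]:
            for action in grant["actions"]:
                rows.append((agent, grant["system"], action))
    return sorted(rows)


class ToolGate:
    """Authorize each tool call against the manifest and record the decision."""

    def __init__(self, manifest, today=None):
        self.manifest = manifest
        # 'today' may be an ISO string or a date; defaults to the real clock.
        if isinstance(today, str):
            today = date.fromisoformat(today)
        self.today = today or date.today()
        self.revoked = set()   # (agent, system) pairs revoked since the last review
        self.audit_log = []    # one JSON-serialisable record per decision

    def revoke(self, agent, system):
        """Withdraw an agent's access to a system without editing the manifest."""
        self.revoked.add((agent, system))

    def authorize(self, agent, system, action, params=None):
        params = params or {}
        decision = self._evaluate(agent, system, action, params)
        self.audit_log.append({
            "agent": agent, "system": system, "action": action,
            "params": params, "allowed": decision.allowed,
            "reason": decision.reason,
        })
        return decision

    def _evaluate(self, agent, system, action, params):
        entry = self.manifest.get(agent)
        if entry is None:
            return Decision(False, "agent not in manifest")
        if date.fromisoformat(entry["review_due"]) < self.today:
            return Decision(False, "permission review overdue")
        if (agent, system) in self.revoked:
            return Decision(False, "access to system revoked")
        matching = [g for g in entry["grants"] if g["system"] == system]
        if not matching:
            return Decision(False, "system not granted")
        for grant in matching:
            if action not in grant["actions"]:
                continue
            # Parameter constraints are shell-style patterns matched case-sensitively.
            violated = [k for k, pat in grant.get("params", {}).items()
                        if not fnmatch.fnmatchcase(str(params.get(k, "")), pat)]
            if violated:
                return Decision(False, f"parameter {violated[0]!r} outside granted scope")
            return Decision(True, "granted")
        return Decision(False, "action not granted on system")

    def audit_json(self):
        """Serialise the decision log for the audit trail."""
        return json.dumps(self.audit_log, indent=2, sort_keys=True)


if __name__ == "__main__":
    gate = ToolGate(AGENT_MANIFEST, today="2025-04-01")
    for row in inventory(AGENT_MANIFEST):
        print("inventory:", row)
    print(gate.authorize("invoice-triage-agent", "erp", "read_invoice"))
    print(gate.authorize("invoice-triage-agent", "erp", "delete_invoice"))
    print(gate.authorize("invoice-triage-agent", "email", "send",
                         {"to": "ap@other.invalid"}))
    print(gate.audit_json())
```

The `inventory()` output is the documented perimeter the alert asks for, and the audit log gives reviewers the actual actions attempted against it; comparing the two over time shows which grants are used, which are never exercised and can be removed, and which requests are being denied.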