THREAT

Permission Drift

agent scope expansion, implicit authorization, incremental boundary erosion

Permission drift is the gradual expansion of an agent's effective operational scope beyond its initial authorization — caused by the model inferring implicit permissions from context or user feedback.

ADVERSARIAL MECHANICS

A user says 'go ahead' after a read-only task. The agent, reasoning over history, infers that general authority has been granted. Each small inference creates a precedent that widens scope further until it exceeds the original authorization.

PROTOCOL CONTEXT (VEX AUTHORITY + MCP)

MCP's tool registry does not natively enforce session-scoped authorization. An agent connected to a registry may access any registered tool unless external enforcement is applied via VEX Authority allowlists.

ProvnAI Mitigation

ProvnAI combats drift through session-immutable authority manifests and continuous behavioral drift detection in McpVanguard, which flags incremental expansions against the original authorized scope.
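The two controls described above (a session-immutable allowlist enforced outside the model, and a log of out-of-scope attempts) can be sketched as follows. This is an added example, not ProvnAI, VEX Authority, McpVanguard or MCP code; `SessionManifest`, `ScopeGate`, the registry and the agent plan are all hypothetical names and constructed data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SessionManifest:
    """Authority granted at session start. Frozen: no later message can widen it."""
    session_id: str
    allowed_tools: frozenset

class ScopeGate:
    """Hypothetical enforcement point between the agent and the tool registry.
    It never sees the conversation, so a user's 'go ahead' cannot alter its decision."""

    def __init__(self, manifest, registry):
        self._manifest = manifest
        self._registry = registry
        self._calls = 0
        self.drift_log = []  # (call index, tool) for every out-of-scope attempt

    def call(self, tool, **kwargs):
        self._calls += 1
        if tool not in self._manifest.allowed_tools:
            self.drift_log.append((self._calls, tool))
            raise PermissionError(f"{tool} is outside session {self._manifest.session_id} scope")
        return self._registry[tool](**kwargs)

# Constructed registry: every tool is reachable unless something external scopes it.
REGISTRY = {
    "read_file": lambda path: f"contents of {path}",
    "write_file": lambda path, data: f"wrote {len(data)} bytes to {path}",
    "delete_file": lambda path: f"deleted {path}",
}

def run_demo():
    manifest = SessionManifest("sess-demo", frozenset({"read_file"}))
    gate = ScopeGate(manifest, REGISTRY)
    # Constructed agent plan: after 'go ahead' the agent escalates from the
    # authorized read to a write and then a delete.
    plan = [
        ("read_file", {"path": "report.txt"}),
        ("write_file", {"path": "report.txt", "data": "edited"}),
        ("delete_file", {"path": "report.txt"}),
    ]
    outcomes = []
    for tool, kwargs in plan:
        try:
            gate.call(tool, **kwargs)
            outcomes.append((tool, "allowed"))
        except PermissionError:
            outcomes.append((tool, "denied"))
    return outcomes, gate.drift_log

if __name__ == "__main__":
    print(run_demo())
```

The drift log records each step past the original scope in order, which is the signal a reviewer needs to see incremental expansion rather than a single denied call.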