THREAT
Privilege Escalation
agent scope creepunauthorized access elevationpermission boundary violation
Privilege escalation in agentic AI is the acquisition — through injection or emergent reasoning — of capabilities or data access beyond what the agent's principal chain explicitly authorized.
ADVERSARIAL MECHANICS
Three escalation patterns dominate: (1) Authority Impersonation; (2) Scope Creep via Chaining; (3) Reasoning Exploitation — the model is guided through a logical chain concluding that elevated access is necessary and permitted.
PROTOCOL CONTEXT (VEX — AUTHORITY PILLAR)
VEX's Authority pillar governs which tools and actions are permitted for a given execution context. The authorization context is preserved through the execution lifecycle and validated before consequence.
ProvnAI Mitigation
The privilege.yaml ruleset operates on top of the active policy boundary. It helps detect authority-impersonation patterns and can block scope-expanding tool chains that fall outside configured policy.