SecEng Attack · Labs

Agent Tool Permission Analyzer

Paste your agent tool configuration JSON and get deterministic permission security findings. No LLM required. Detects missing approval gates, broad scopes, unsafe identities, and dangerous side effects.

• Permission scope analysis: read-only vs write-broad vs admin
• Side effect detection: email, record modification, privilege changes, code execution
• Approval gate gaps: side-effecting actions without confirmation requirements
• Execution identity: unknown, service account, system admin risks
• MCP tool schema quality: ambiguous descriptions, unbounded arguments

15 security rules

Across 6 risk categories

Structured JSON input

Works with any agent config format

OWASP LLM06

Excessive Agency coverage

No LLM calls

Fully deterministic

Load example:

{
  "id": "unsafe-email-agent",
  "name": "Autonomous Email Agent",
  "agentType": "sales_agent",
  "description": "Sends email to any recipient without approval.",
  "owner": "Sales Ops",
  "executionIdentity": "service_account",
  "tools": [
    {
      "id": "email-send",
      "name": "Send Email",
      "toolType": "email",
      "description": "Sends email to any recipient.",
      "requiresApproval": false,
      "executionIdentity": "service_account",
      "permissions": [
        {
          "id": "email-write",
          "permissionType": "send_email",
          "scopeLevel": "external",
          "resource": "any_recipient"
        }
      ],
      "actions": [
        {
          "id": "send",
          "name": "Send",
          "actionType": "send_email",
          "sideEffecting": true,
          "requiresApproval": false,
          "riskLevel": "high"
        }
      ],
      "sideEffects": [
        {
          "id": "external-email",
          "sideEffectType": "external_email",
          "external": true,
          "reversible": false,
          "requiresApproval": false
        }
      ]
    }
  ]
}

Next step

Need a full agent security review?

We assess AI agent trust boundaries, tool permission design, approval architecture, and blast radius — and produce findings mapped to OWASP LLM Top 10 and NIST AI RMF.

Talk to us View methodology