AWS Security ChangesHomeSearch

AWS wellarchitected low security documentation change

Service: wellarchitected · 2025-11-22 · Security-related low

File: wellarchitected/latest/generative-ai-lens/gensec05.md

Summary

Modified question phrasing from 'prevent' to 'avoid' excessive agency and adjusted capitalization in OWASP reference.

Security assessment

While primarily editorial changes, the content maintains focus on addressing OWASP Top 10 security threat (excessive agency). The terminology adjustment aligns with security best practice documentation but doesn't introduce new security content.

Diff

diff --git a/wellarchitected/latest/generative-ai-lens/gensec05.md b/wellarchitected/latest/generative-ai-lens/gensec05.md
index 0f498c8a1..3d9cca34a 100644
--- a//wellarchitected/latest/generative-ai-lens/gensec05.md
+++ b//wellarchitected/latest/generative-ai-lens/gensec05.md
@@ -7 +7 @@
-GENSEC05: How do you prevent excessive agency for models?  
+GENSEC05: How do you avoid excessive agency for models?  
@@ -10 +10 @@ GENSEC05: How do you prevent excessive agency for models?
-Excessive Agency is an Open Worldwide Application Security Project (OWASP) Top 10 security threat for LLMs and is typically introduced to systems through agentic architectures. Agents are designed to take action on behalf of a user. The risk of excessive agency is that an agent could take actions beyond their intended purpose. 
+Excessive agency is an Open Worldwide Application Security Project (OWASP) Top 10 security threat for LLMs and is typically introduced to systems through agentic architectures. Agents are designed to take action on behalf of a user. The risk of excessive agency is that an agent could take actions beyond their intended purpose.