AWS wellarchitected low security documentation change
Summary
Modified question phrasing from 'prevent' to 'avoid' excessive agency and adjusted capitalization in OWASP reference.
Security assessment
While primarily editorial changes, the content maintains focus on addressing OWASP Top 10 security threat (excessive agency). The terminology adjustment aligns with security best practice documentation but doesn't introduce new security content.
Diff
diff --git a/wellarchitected/latest/generative-ai-lens/gensec05.md b/wellarchitected/latest/generative-ai-lens/gensec05.md index 0f498c8a1..3d9cca34a 100644 --- a//wellarchitected/latest/generative-ai-lens/gensec05.md +++ b//wellarchitected/latest/generative-ai-lens/gensec05.md @@ -7 +7 @@ -GENSEC05: How do you prevent excessive agency for models? +GENSEC05: How do you avoid excessive agency for models? @@ -10 +10 @@ GENSEC05: How do you prevent excessive agency for models? -Excessive Agency is an Open Worldwide Application Security Project (OWASP) Top 10 security threat for LLMs and is typically introduced to systems through agentic architectures. Agents are designed to take action on behalf of a user. The risk of excessive agency is that an agent could take actions beyond their intended purpose. +Excessive agency is an Open Worldwide Application Security Project (OWASP) Top 10 security threat for LLMs and is typically introduced to systems through agentic architectures. Agents are designed to take action on behalf of a user. The risk of excessive agency is that an agent could take actions beyond their intended purpose.