The list identifies key security risks and mitigation guidance for autonomous artificial intelligence systems.

The Open Worldwide Application Security Project (OWASP) released its first OWASP Top 10 for Agentic Applications, a list of principal security risks and mitigation guidance for autonomous artificial intelligence (AI) systems that make decisions and take actions with limited human oversight. The list was published by the OWASP GenAI Security Project following more than a year of research and review by industry practitioners, security researchers, and technical contributors.

The Top 10 list outlines categories of security concerns, including agent goal hijacking, tool misuse and exploitation, identity and privilege abuse, supply chain vulnerabilities, unexpected code execution, memory and context poisoning, insecure inter-agent communication, cascading failures, human-agent trust exploitation, and rogue agents. These categories are intended to help organizations identify and address risks specific to agentic AI applications, which differ from those associated with traditional software vulnerabilities.

The guidance applies to technology developers, security teams, and organizations that deploy or manage agentic AI systems. The project describes agentic AI as systems capable of planning, coordinating, accessing data, interacting with tools, and executing workflows without continuous human control.

“The OWASP Top 10 for Agentic Applications is grounded in deep technical analysis and broad industry collaboration,” said Hyrum Anderson, senior director of AI and security at Cisco, in an OWASP statement. “The rigor behind this list provides more than a summary of concerns – it’s a thoroughly validated foundation you can safely anchor your security attention to.”

OWASP said the list is part of a broader portfolio of resources the GenAI Security Project has published, including threat modelling guides and development best practices designed to help practitioners secure agentic AI from design through deployment.

The Top 10 for Agentic Applications complements OWASP’s existing security frameworks and serves as a shared reference for risk identification and mitigation as autonomous AI adoption grows.