OWASP Agentic AI Top 10 2026
ASI05 - Unexpected Code Execution
Agent generates and executes code or commands that compromise the host system.
Intent & Description
🎯 Intent
Prevent agents from executing arbitrary or malicious code that could compromise the underlying system.
📋 Context
Agents with code execution capabilities can be manipulated into generating and running harmful code, including system commands, file operations, or network requests.
💡 Solution
Sandbox all code execution environments. Use allowlists for permitted operations. Implement code review before execution. Apply resource limits. Monitor executed code. Use containerized execution with minimal permissions.
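The following is an added example, not code from the OWASP project, showing how several of these controls combine in a single guarded executor for agent-proposed shell commands: the command string is parsed without a shell, checked against a hypothetical allowlist (program name plus a per-argument pattern), run in a scratch directory with a minimal environment, capped by CPU, memory and file-size rlimits and a wall-clock timeout, and every decision is appended to an audit log. The allowlist contents, the limit values and the sample commands are constructed for illustration.

```python
import re
import resource
import shlex
import shutil
import subprocess
import tempfile
from dataclasses import dataclass
from typing import Dict, List, Optional, Pattern, Tuple

# Hypothetical allowlist (constructed for this example): program name ->
# pattern that every argument must fully match. Anything else, including
# other programs and tokens carrying shell metacharacters, is rejected
# before anything runs.
SAFE_ARG = re.compile(r"[A-Za-z0-9._-]{1,64}")
ALLOWLIST: Dict[str, Pattern[str]] = {
    "echo": SAFE_ARG,
    "sleep": re.compile(r"[0-9]{1,3}"),
}

# Resource caps applied to the child process (constructed values).
LIMITS = {
    resource.RLIMIT_CPU: 2,            # seconds of CPU time
    resource.RLIMIT_AS: 256 * 2**20,   # bytes of address space
    resource.RLIMIT_FSIZE: 1 * 2**20,  # bytes per written file
}

# Audit trail of every proposed command and the decision taken on it.
AUDIT_LOG: List[dict] = []


@dataclass
class ExecResult:
    status: str                 # "ok" | "rejected" | "timeout" | "error"
    reason: str = ""
    stdout: str = ""
    returncode: Optional[int] = None


def validate(command: str) -> Tuple[Optional[List[str]], Optional[str]]:
    """Parse the agent's proposed command without a shell and check it
    against the allowlist. Returns (argv, None) or (None, reason)."""
    try:
        argv = shlex.split(command)
    except ValueError as exc:
        return None, f"unparseable command: {exc}"
    if not argv:
        return None, "empty command"
    pattern = ALLOWLIST.get(argv[0])
    if pattern is None:
        return None, f"program not allowlisted: {argv[0]}"
    for arg in argv[1:]:
        if not pattern.fullmatch(arg):
            return None, f"argument rejected: {arg!r}"
    return argv, None


def _apply_limits() -> None:
    # Runs in the child just before exec; caps are clamped to the hard limit
    # so setrlimit cannot fail on a host that already restricts the process.
    for res, cap in LIMITS.items():
        _, hard = resource.getrlimit(res)
        if hard != resource.RLIM_INFINITY:
            cap = min(cap, hard)
        resource.setrlimit(res, (cap, cap))


def run_guarded(command: str, timeout: float = 5.0) -> ExecResult:
    """Validate, then execute the command under limits; log the outcome."""
    argv, reason = validate(command)
    if argv is None:
        result = ExecResult("rejected", reason or "")
    else:
        exe = shutil.which(argv[0])
        if exe is None:
            result = ExecResult("error", f"program not found: {argv[0]}")
        else:
            with tempfile.TemporaryDirectory() as workdir:
                try:
                    proc = subprocess.run(
                        [exe, *argv[1:]],
                        shell=False,                  # never hand the string to a shell
                        cwd=workdir,                  # scratch directory, discarded afterwards
                        env={"PATH": "/usr/bin:/bin"},  # minimal environment
                        capture_output=True,
                        text=True,
                        timeout=timeout,              # wall-clock cap; child is killed on expiry
                        preexec_fn=_apply_limits,     # CPU / memory / file-size caps
                    )
                    # "ok" means it ran within limits; the exit code is still reported.
                    result = ExecResult("ok", "", proc.stdout, proc.returncode)
                except subprocess.TimeoutExpired:
                    result = ExecResult("timeout", f"exceeded {timeout}s wall clock")
                except OSError as exc:
                    result = ExecResult("error", str(exc))
    AUDIT_LOG.append({"command": command, "status": result.status, "reason": result.reason})
    return result


if __name__ == "__main__":
    # Constructed sample commands an agent might propose.
    for cmd in ["echo hello", "curl http://example.invalid/", "echo hello; ls /", "sleep 5"]:
        r = run_guarded(cmd, timeout=0.5)
        print(f"{cmd!r:40} -> {r.status} {r.reason}")
```

The allowlist is deliberately the choke point: a token such as `hello;` is rejected by the argument pattern, so a command smuggled in after a separator never reaches `subprocess.run`, and because `shell=False` is used throughout there is no shell to interpret it in any case. In a production deployment the same wrapper would sit inside a container or other sandbox with its own filesystem and network policy; the rlimits here bound the process but do not isolate it.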
Real-world Use Case
Use when agents can generate, modify, or execute code, scripts, or system commands.
📌 TL;DR
Sandbox agent code execution. Use allowlists, review code before running, apply resource limits, containerize environments.
Advantages
- Prevents system compromise
- Limits code execution scope
- Enables execution auditing
- Supports safe code generation
Disadvantages
- Sandboxing reduces capabilities
- Code review adds latency
- Allowlists require maintenance