Standards
OWASP Agentic Top 10: the threats we test for
The reference list of agentic AI risks — and the taxonomy our corpus is built against.
What the OWASP Agentic Top 10 is. Published for 2026, it is a globally peer-reviewed list of the most critical security risks for autonomous, agentic AI systems — built with 100+ experts and distilled into an operational format. It targets exactly the systems we care about: agents that plan, act, and make decisions across complex workflows, where autonomy and tool access are the source of both the value and the risk.
Unlike a governance framework, it is a threat taxonomy — a shared, concrete vocabulary for *what can go wrong*: prompt injection, tool misuse, identity and permission abuse, and more.
How we use it. The Agentic Top 10 is a primary taxonomy our attack corpus is built against. Each probe targets an agentic risk class that maps to an Agentic Top 10 entry, and our crosswalk carries those coordinates onward to AIUC-1 controls — so a real-world technique connects, in one chain, to both the threat list and the compliance standard. Our public technique→control crosswalk uses these coordinates directly.
Read the list at genai.owasp.org.
It is the threat taxonomy our attack corpus is built against, probe by probe.
Configurations like yours — generic results describe the population, not your specific agent.