MT.1113 - AI agents should not be shared with broad access control policies
Overview
AI agents should not be shared broadly with unrestricted access.
Agents with access control set to Any or Any multitenant can be accessed by anyone, including users outside your organization. This increases the risk of data exposure and unauthorized use of connected systems.
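One way to express the condition above as a check over an exported agent inventory. This is an added example, not Maester's own test code; the function name `Find-BroadlySharedAgent`, the `Name` and `AccessControlPolicy` property names, and the sample records (including the `Group membership` value) are assumptions constructed for illustration.

```powershell
# Added example: property names and inventory records are assumptions, not Maester's schema.
function Find-BroadlySharedAgent {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Agent
    )
    begin {
        # The two access control values this page flags as too broad.
        $broadPolicies = @('Any', 'Any multitenant')
    }
    process {
        # Normalise: a missing value becomes an empty string, stray whitespace is trimmed.
        $policy = "$($Agent.AccessControlPolicy)".Trim()

        if ([string]::IsNullOrEmpty($policy)) {
            $status = 'Review'   # value absent from the export, so it cannot be assessed
        }
        elseif ($policy -in $broadPolicies) {   # -in compares case-insensitively
            $status = 'Fail'
        }
        else {
            $status = 'Pass'
        }

        [pscustomobject]@{
            Agent  = $Agent.Name
            Policy = $policy
            Status = $status
        }
    }
}

# Constructed inventory for illustration only.
$inventory = @(
    [pscustomobject]@{ Name = 'HR Helpdesk';    AccessControlPolicy = 'Any' }
    [pscustomobject]@{ Name = 'Partner Portal'; AccessControlPolicy = 'any multitenant ' }
    [pscustomobject]@{ Name = 'IT Runbook';     AccessControlPolicy = 'Group membership' }
    [pscustomobject]@{ Name = 'Legacy Bot';     AccessControlPolicy = $null }
)

$results = $inventory | Find-BroadlySharedAgent
$results | Format-Table -AutoSize

$failed = @($results | Where-Object Status -eq 'Fail')
if ($failed.Count -gt 0) {
    Write-Warning "$($failed.Count) agent(s) use a broad access control policy."
}
```

Records with a missing policy value are reported as `Review` rather than `Pass`, so an incomplete export does not hide a broadly shared agent.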
How to fix
In Copilot Studio, go to the agents overview, click the three dots (...) and select "share". From here, select "My organization" and make sure it's set to No permissions, unless specified. Then, in the specific agent's settings, go to "Security" and "Authentication" and make sure "Multi-tenant support" is toggled off.
Learn more: Control how agents are shared and share agents with other users
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1113 |
| Severity | High |
| Suite | Maester |
| Category | AIAgent |
| PowerShell test | Test-MtAIAgentBroadSharing |
| Tags | AIAgent, CopilotStudio, MT.1113 |
Source
- Pester test: tests/Maester/AIAgent/Test-AIAgentSecurity.Tests.ps1
- PowerShell source: powershell/public/maester/aiagent/Test-MtAIAgentBroadSharing.ps1