MT.1115 - AI agents should not have risky HTTP configurations
Overviewβ
AI agents should not use risky HTTP configurations.
Agents with HTTP request nodes in topics connecting to non-standard ports or using plain HTTP (instead of HTTPS) may be misconfigured or could indicate data exfiltration or command-and-control communication channels.
How to fixβ
Review the HTTP request nodes in each flagged agent's topics. Ensure all HTTP requests use HTTPS on standard port 443. Replace direct HTTP calls with Power Platform connectors where possible, as connectors provide built-in governance and DLP policy enforcement.
Learn more: Configure data policies for agents
Test Metadataβ
| Field | Value |
|---|---|
| Test ID | MT.1115 |
| Severity | Medium |
| Suite | Maester |
| Category | AIAgent |
| PowerShell test | Test-MtAIAgentRiskyHttpConfig |
| Tags | AIAgent, CopilotStudio, MT.1115 |
Sourceβ
- Pester test:
tests/Maester/AIAgent/Test-AIAgentSecurity.Tests.ps1 - PowerShell source:
powershell/public/maester/aiagent/Test-MtAIAgentRiskyHttpConfig.ps1