They increase NHI risk because they expand credential creation beyond trained developers to designers, analysts, founders, and operations staff. Those users still need API keys, tokens, and service account secrets, but they may not have secure coding habits or clear ownership paths. That makes secret sprawl and revocation failures more likely.
Why This Matters for Security Teams
AI-assisted development changes who can create and use secrets, not just how code gets written. When product designers, analysts, founders, and operations staff can spin up scripts, agents, and integrations, the organisation gains speed but also creates more API keys, service accounts, and tokens outside traditional engineering controls. That widens the attack surface for leakage, over-privilege, and delayed revocation. NHI Management Group notes that only 20% of organisations have formal offboarding and revocation processes for API keys in its Ultimate Guide to NHIs, which is a clear warning sign for AI-enabled workflows.
The risk is not limited to generated code. AI copilots can suggest shortcuts, scaffold integrations, and encourage rapid connection to SaaS, cloud, and internal systems before ownership is clear. That means secret sprawl can appear faster than governance can track it. In practice, many security teams encounter NHI exposure only after a leaked key has already been reused across multiple tools, rather than through intentional access review or inventory discipline.
How It Works in Practice
AI-assisted workflows increase NHI risk because they collapse the gap between idea and execution. A non-developer can ask an agent to query data, push content, call an internal API, or automate a business process, and the workflow often needs a credential immediately. In mature environments, that should trigger request-scoped controls: workload identity, short-lived tokens, and policy checks at runtime. In less mature environments, teams fall back to static secrets in documents, notebooks, CI jobs, chat threads, or pasted snippets.
Best practice is evolving toward three controls working together. First, issue access according to least privilege and ownership, in line with NIST Cybersecurity Framework 2.0. Second, prefer ephemeral credentials with narrow TTLs so access expires automatically after a task completes. Third, tie requests to workload identity rather than person identity, so the system knows what the agent is and what it is allowed to do right now.
- Use just-in-time provisioning for keys and tokens instead of standing credentials.
- Bind secrets to a named workflow, service, or agent, not a shared team inbox.
- Track creation, usage, and revocation as separate lifecycle events.
- Require policy checks at execution time, not only during onboarding.
These controls are reinforced by the operational patterns discussed in Top 10 NHI Issues, especially around secret sprawl, rotation failure, and excessive privilege. They tend to break down when AI tools can create new integrations without a central approval path, because ownership becomes ambiguous before the first secret is even issued.
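The controls listed above can be sketched as a small in-memory credential broker. This is an added example, not code from NHI Management Group or any product: the workload names, policy table and TTL caps are assumptions chosen for illustration.

```python
import secrets
import time

# Assumed policy table (hypothetical names): each workload has an owner and allowed actions.
POLICY = {
    "report-agent": {"owner": "analytics-team", "actions": {"read:sales"}, "autonomous": True},
    "orphan-script": {"owner": None, "actions": {"read:sales"}, "autonomous": False},
}
# Assumed TTL caps in seconds; workflows with no human in the loop get the shorter one.
MAX_TTL = {True: 300, False: 3600}

class Broker:
    def __init__(self, now=time.time):
        self.now = now        # injectable clock so expiry can be tested
        self.tokens = {}      # token -> grant (workload, action, expiry)
        self.events = []      # creation, usage and revocation are logged as separate events

    def _log(self, event, workload, detail):
        self.events.append({"ts": self.now(), "event": event, "workload": workload, "detail": detail})

    def issue(self, workload, action, ttl):
        """Just-in-time issue: bound to one workload and one action, TTL capped by policy."""
        rule = POLICY.get(workload)
        if rule is None or not rule["owner"] or action not in rule["actions"]:
            self._log("denied", workload, action)
            return None
        ttl = min(ttl, MAX_TTL[rule["autonomous"]])
        token = secrets.token_urlsafe(24)
        self.tokens[token] = {"workload": workload, "action": action, "exp": self.now() + ttl}
        self._log("created", workload, f"{action} ttl={ttl}")
        return token

    def authorize(self, token, workload, action):
        """Execution-time check: binding, expiry and current policy are all re-evaluated."""
        grant = self.tokens.get(token)
        allowed = POLICY.get(workload, {}).get("actions", set())
        ok = (grant is not None and grant["workload"] == workload
              and grant["action"] == action and self.now() < grant["exp"]
              and action in allowed)
        self._log("used" if ok else "denied", workload, action)
        return ok

    def revoke(self, token):
        """Explicit revocation; returns False if the token was already gone."""
        grant = self.tokens.pop(token, None)
        if grant is not None:
            self._log("revoked", grant["workload"], grant["action"])
        return grant is not None
```

A workload with no owner is refused at issue time, and a token presented by a different workload or after its TTL fails the runtime check even though it was validly created.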
Common Variations and Edge Cases
Tighter control over AI-assisted development often increases friction, requiring organisations to balance developer speed against secret governance. That tradeoff is real: if every token request becomes a manual ticket, teams will route around the control. Current guidance suggests that the answer is not blanket restriction, but contextual approval with strong defaults, clear ownership, and automated expiry.
There is no universal standard for this yet, but several patterns are emerging. Shared agent workspaces need separate handling from individual developer sandboxes because one workflow can serve many users while still needing its own identity. Low-code and no-code platforms also create edge cases, since business users can unknowingly mint or embed credentials without understanding persistence or rotation. In those environments, the weakest point is often not the model itself but the connected SaaS account or service account behind it.
NHIMG research shows the scale of the problem in broad terms: the Ultimate Guide to NHIs reports that 96% of organisations store secrets outside secret managers in vulnerable locations. That pattern becomes more dangerous when AI expands who can create those locations. For teams building with autonomous agents, the practical rule is simple: if the workflow can act without a human in the loop, the credential lifecycle must be shorter and the policy boundary must be stronger.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Agentic AI Top 10 and CSA MAESTRO address the attack and risk surface, while NIST AI RMF sets the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Agentic AI Top 10 | A1 | Agentic workflows create new secret paths and tool access risks. |
| CSA MAESTRO | GOV | Governance is needed when AI workflows mint and use NHIs at speed. |
| NIST AI RMF | GOVERN | AI governance must cover autonomy, accountability, and operational risk. |
Classify each agent action, then constrain credentials and tools to the minimum runtime task.