TL;DR: GPT-5 lowers the barrier to creating custom AI agents that connect to corporate systems through service accounts, API keys, and tokens, increasing the risk of unmanaged access, misconfiguration, and privilege exposure, according to Astrix Security. The real issue is not agent creation speed itself but the governance assumption that non-human access can remain visible, bounded, and reviewable once employees can spin it up in minutes.
NHIMG editorial — based on content published by Astrix Security: GPT-5 makes AI agent NHI sprawl faster and harder to govern
By the numbers:
- In a case study, a global brand used Astrix to uncover 250+ GPTs in ChatGPT Enterprise, some with admin-level access, PII exposure, and privilege escalation risks.
Questions worth separating out
Q: How should security teams govern AI agents that use NHI credentials?
A: Security teams should govern AI agents as non-human identities with explicit ownership, constrained tool access, and auditable lifecycle controls.
Q: Why do AI agents increase non-human identity risk so quickly?
A: AI agents increase non-human identity risk because they make it easy for employees to create new access paths faster than governance teams can inventory them.
Q: What breaks when AI agents are granted broad tool access?
A: Broad tool access breaks least-privilege assumptions because one agent identity can reach multiple systems from a single credential context.
Practitioner guidance
- Inventory every AI agent as an identity object: Map each custom or third-party agent to its human owner, service account, API key, and connected systems before allowing production use.
- Constrain tool access to the minimum reachable scope: Review every email, code, database, and SaaS connection exposed through an agent and remove any permission that is not necessary for the specific business task.
- Require lifecycle ownership for agent credentials: Assign a named business and technical owner to every agent credential, then rotate or retire credentials when the owner changes, the use case ends, or the agent becomes inactive.
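
The three checks above can be run against an agent inventory export. The sketch below is an added example, not code from Astrix Security or NHIMG; the record fields, scope strings, sample agents, and the 90-day inactivity threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

INACTIVE_AFTER = timedelta(days=90)  # assumed review threshold, not from the article

@dataclass
class Agent:
    name: str
    credential: str          # service account, API key or token id
    granted: set             # scopes the credential actually holds
    needed: set              # scopes the stated business task requires
    business_owner: str = ""
    technical_owner: str = ""
    purpose: str = ""
    last_used: Optional[date] = None

def audit(agent, today):
    """Return the governance findings for one agent identity."""
    findings = []
    if not agent.business_owner or not agent.technical_owner:
        findings.append("missing-owner")
    if not agent.purpose:
        findings.append("no-business-purpose")
    excess = agent.granted - agent.needed  # anything beyond the task's need
    if excess:
        findings.append("excess-scope:" + ",".join(sorted(excess)))
    if agent.last_used is None or today - agent.last_used > INACTIVE_AFTER:
        findings.append("inactive-credential")  # candidate for rotate/retire
    return findings

def audit_inventory(agents, today):
    """Map agent name -> findings, keeping only agents that fail a check."""
    report = {a.name: audit(a, today) for a in agents}
    return {name: f for name, f in report.items() if f}

# Constructed sample inventory (hypothetical agents and scopes)
TODAY = date(2025, 9, 1)
INVENTORY = [
    Agent("invoice-summarizer", "svc-fin-01", {"erp:read"}, {"erp:read"},
          "a.lee", "j.ortiz", "monthly invoice digest", date(2025, 8, 28)),
    Agent("hr-helper-gpt", "key-7f", {"hris:read", "hris:admin", "mail:send"},
          {"hris:read"}, "m.khan", "", "answer leave questions", date(2025, 8, 30)),
    Agent("old-demo-bot", "tok-22", {"crm:read"}, {"crm:read"},
          "", "", "", date(2025, 3, 1)),
]

if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY, TODAY).items():
        print(name, findings)
```

An agent with no findings has a named business and technical owner, a stated purpose, no scope beyond its task, and recent use; anything else is queued for review.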
What's in the full article
Astrix Security's full analysis covers the operational detail this post intentionally leaves for the source:
- The specific discovery workflow used to inventory custom and shadow GPTs across enterprise environments
- The permission and lineage mapping details that connect each agent to its human owner and reachable systems
- The case study breakdown showing where admin-level access, PII exposure, and privilege escalation surfaced
- The monitoring and governance controls used to keep AI adoption visible as access expanded
👉 Read Astrix Security's analysis of GPT-5, AI agent risk, and NHI sprawl →
AI agent NHI sprawl under GPT-5: are your controls keeping up?
NHI sprawl is the real scaling problem behind fast AI agent adoption: When employees can create agents in minutes, the governance burden shifts from creation control to identity containment. The article shows how service accounts, API keys, and tokens can multiply faster than oversight can normalize them. That is an OWASP-NHI and ZT-NIST-207 problem at the same time. Practitioners should treat every new agent as an identity event, not a productivity event.
A few things that frame the scale:
- In a case study, a global brand used Astrix to uncover 250+ GPTs in ChatGPT Enterprise, some with admin-level access, PII exposure, and privilege escalation risks, according to Moltbook AI agent keys breach.
- Another finding from our breach research shows that attackers attempt access within an average of 17 minutes when AWS credentials are exposed publicly, and as quickly as 9 minutes in some cases.
A question worth separating out:
Q: How do organisations know if AI agent governance is working?
A: AI agent governance is working when teams can prove ownership, access scope, and auditability before the agent goes live and again during periodic review. The strongest signal is that every agent is linked to a human owner, a valid credential set, and a current business purpose. Missing lineage or stale access means the control model is already failing.
👉 Read our full editorial: GPT-5 makes AI agent NHI sprawl faster and harder to govern