AI agents acting on human authority: what changes for IAM teams?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9236
Topic starter  

TL;DR: OpenClaw highlights how employees are delegating real work to AI assistants that can browse, execute tasks, install skills, and touch internal systems, turning ordinary workflows into part of the attack surface, according to Lakera. The security problem is not model output alone but authority delegation that outpaces visibility, guardrails, and least-privilege controls.

NHIMG editorial — based on content published by Lakera: OpenClaw Shows What Happens When AI Agents Act on Human Authority

Questions worth separating out

Q: How should security teams govern AI assistants that act on behalf of employees?

A: Security teams should treat employee-facing AI assistants as delegated execution paths, not just chat interfaces.

Q: Why do AI assistants increase blast radius in normal business workflows?

A: AI assistants increase blast radius because they can inherit a person's access across email, files, browsers, and business applications, then act faster and more broadly than a human usually would.

Q: What breaks when workplace AI tools can install skills or connectors freely?

A: What breaks is the trust boundary around third-party functionality.

Practitioner guidance

What's in the full article

Lakera's full analysis covers the operational detail this post intentionally leaves for the source:

  • Examples of high-risk actions to classify and control when an assistant can operate across email, documents, browsers, and developer tools
  • Practical guidance on reviewing installs, connectors, and permissions for workplace AI on managed endpoints
  • Detailed discussion of indirect prompt manipulation through documents, links, spreadsheets, and datasets
  • Lakera's recommended readiness posture for teams that need to govern employee-delegated AI in real workflows

👉 Read Lakera's analysis of OpenClaw and AI agent authority risk →

(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8675
 

Delegated AI authority is now an identity problem, not a productivity feature. The article shows employees using assistants that can browse, run tasks, and operate across apps under human authority. That means the control question is no longer whether AI can answer correctly, but whether the delegated principal can act safely inside real systems. The practitioner conclusion is that identity governance must extend to software acting inside a human session.

A few things that frame the scale:

  • Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap, according to The State of Secrets in AppSec.
  • The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities.

A question worth separating out:

Q: Who is accountable when an AI assistant takes an unsafe action under a user's authority?

A: Accountability sits with the organisation that granted the assistant its access model, the team that approved the connectors, and the business owner of the workflow. Human authority does not erase governance responsibility. Practically, teams need clear ownership for delegated AI access, review of high-risk actions, and audit trails that show exactly which identity performed each step.

👉 Read our full editorial: OpenClaw shows how AI agent authority expands enterprise risk
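As an added illustration of the points in both Q&As above (blast radius through inherited access, and accountability via audit trails that show which identity performed each step), here is a small delegation gate. It is example code written for this thread, not code from Lakera, NHIMG or any real product, and every scope name, action name, identity and risk tier in it is a constructed assumption. It shows three controls in one place: the agent can only receive a least-privilege subset of the human's scopes, high-risk actions are held for explicit human approval even when the scope is delegated, and every decision is logged with both the acting identity and the human whose authority was used.

```python
"""Delegated-authority gate for an AI assistant acting in a human session.

Added example, not code from Lakera, NHIMG or any real product. All scope
names, action names, identities and risk tiers are constructed assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Actions whose blast radius warrants a human approval step even when the
# delegated scope would otherwise permit them (constructed list).
HIGH_RISK_ACTIONS = {"install_skill", "add_connector", "send_external_email",
                     "run_shell", "share_externally"}

# Scope each action requires (constructed mapping).
ACTION_SCOPE = {
    "read_mail": "mail:read", "send_external_email": "mail:send",
    "read_doc": "docs:read", "share_externally": "docs:share",
    "browse": "web:browse", "run_shell": "dev:exec",
    "install_skill": "admin:skills", "add_connector": "admin:connectors",
}


@dataclass(frozen=True)
class Delegation:
    """A human principal lending a bounded part of their authority to an agent."""
    user: str                   # accountable human identity
    agent: str                  # software identity acting inside the session
    user_scopes: frozenset      # everything the human may do
    granted_scopes: frozenset   # least-privilege subset handed to the agent
    expires: datetime

    def __post_init__(self):
        # The agent can never hold more authority than the delegating person.
        excess = self.granted_scopes - self.user_scopes
        if excess:
            raise ValueError(f"delegation exceeds user authority: {sorted(excess)}")


@dataclass(frozen=True)
class AuditRecord:
    actor: str          # "agent:<id>": who performed the step
    on_behalf_of: str   # "user:<id>": whose authority was used
    action: str
    decision: str       # "allow" | "deny" | "needs_approval"
    reason: str
    at: datetime


class DelegationGate:
    """Decides each action an agent attempts and records both identities."""

    def __init__(self, now: Optional[datetime] = None):
        self.audit: list[AuditRecord] = []
        self._now = now or datetime.now(timezone.utc)

    def _record(self, d: Delegation, action: str, decision: str, reason: str) -> AuditRecord:
        rec = AuditRecord(f"agent:{d.agent}", f"user:{d.user}", action, decision, reason, self._now)
        self.audit.append(rec)
        return rec

    def authorize(self, d: Delegation, action: str,
                  approved_by: Optional[str] = None) -> AuditRecord:
        if self._now >= d.expires:
            return self._record(d, action, "deny", "delegation expired")
        scope = ACTION_SCOPE.get(action)
        if scope is None:
            return self._record(d, action, "deny", "unknown action")
        if scope not in d.granted_scopes:
            # Denied even if the human holds the scope: it was never delegated.
            return self._record(d, action, "deny", f"scope {scope} not delegated")
        if action in HIGH_RISK_ACTIONS and approved_by is None:
            return self._record(d, action, "needs_approval", "high-risk action awaits human approval")
        if action in HIGH_RISK_ACTIONS:
            return self._record(d, action, "allow", f"high-risk action approved by {approved_by}")
        return self._record(d, action, "allow", "within delegated scope")


def over_delegation_is_rejected() -> bool:
    """Granting the agent a scope the human lacks must fail at construction."""
    try:
        Delegation("bob", "assistant-1", frozenset({"mail:read"}),
                   frozenset({"mail:read", "dev:exec"}), datetime(2025, 1, 1, tzinfo=timezone.utc))
    except ValueError:
        return True
    return False


def demo() -> DelegationGate:
    """Run one constructed session through the gate and return it with its audit trail."""
    now = datetime(2025, 1, 1, 9, 0, tzinfo=timezone.utc)
    gate = DelegationGate(now=now)
    alice = Delegation(
        user="alice", agent="assistant-7",
        user_scopes=frozenset({"mail:read", "mail:send", "docs:read",
                               "docs:share", "web:browse", "dev:exec"}),
        granted_scopes=frozenset({"mail:read", "mail:send", "docs:read", "web:browse"}),
        expires=now + timedelta(hours=1),
    )
    gate.authorize(alice, "read_mail")                                 # allow
    gate.authorize(alice, "send_external_email")                       # needs_approval
    gate.authorize(alice, "send_external_email", approved_by="alice")  # allow
    gate.authorize(alice, "install_skill")                             # deny: never delegated
    gate.authorize(alice, "run_shell")                                 # deny: alice has it, agent does not
    return gate


if __name__ == "__main__":
    for r in demo().audit:
        print(f"{r.at.isoformat()} {r.actor} on_behalf_of={r.on_behalf_of} "
              f"{r.action}: {r.decision} ({r.reason})")
```

The design choice worth noting is that `run_shell` is denied even though alice herself holds `dev:exec`: the assistant inherits only what was explicitly delegated, which is what keeps a compromised or manipulated agent from using the full breadth of a person's access. The audit record carries both `actor` and `on_behalf_of`, so a reviewer can answer "which identity performed this step" without reconstructing it from session logs.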
