The vocabulary of agent authority.
Short, operational definitions for the terms that matter when AI agents get real tools: runtime authorization, MCP security, prompt injection, human review, and policy-as-code. Each entry explains where the concept lands in production.
Use this glossary
The terms below are organized by the part of the agent system they touch. If you came here from a policy file, a docs page, or a security write-up, pick the matching category. If you are doing a security review, read Authorization and Agent Security back-to-back. Cross-links at the bottom of each entry connect to product pages, compliance briefs, and integration guides.
Authorization
Concepts that govern what an agent is allowed to do at the moment it tries to do it.
Runtime Authorization: Authorization decisions made at action time against current context, not at deploy time.
Agent Authorization: Deciding what an agent identity is allowed to do, separate from the human who started it.
Tool-Call Authorization: Intercepting each tool invocation and deciding allow, block, or require-approval before execution.
The Authorization Gap: The space between being signed in and what an agent should be allowed to do with a tool.
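The four entries above describe one mechanism: a policy enforcement point that sits in front of every tool call, checks the agent's own grant (not the human's session) and then evaluates ordered rules against live context. The following is an added illustration written for this glossary, not code from the page or from any product it describes; the rule set, the `AgentGrant` shape and the context keys (`environment`) are assumptions chosen to show the allow / block / require-approval split and the deny-by-default fallback.

```python
"""Added example: a minimal tool-call policy enforcement point.
Constructed for illustration; the policy, grant shape and context keys are assumed."""
from dataclasses import dataclass, field
from enum import Enum
from fnmatch import fnmatchcase
from typing import Callable, Optional


class Decision(str, Enum):
    ALLOW = "allow"
    BLOCK = "block"
    REQUIRE_APPROVAL = "require-approval"


@dataclass(frozen=True)
class ToolCall:
    agent_id: str                 # the agent's identity, distinct from the human's
    on_behalf_of: str             # human principal who started the session
    tool: str                     # dotted tool name, e.g. "fs.write_file"
    args: dict
    context: dict = field(default_factory=dict)   # facts known at action time


@dataclass(frozen=True)
class AgentGrant:
    """What this agent identity is actually authorized for (tool-name globs)."""
    agent_id: str
    scopes: frozenset


Predicate = Callable[[ToolCall], bool]


@dataclass(frozen=True)
class Rule:
    tool: str                     # glob over tool names
    decision: Decision
    when: Optional[Predicate] = None   # extra condition over the live call
    reason: str = ""


def _is_production(call: ToolCall) -> bool:
    return call.context.get("environment") == "production"


def _wide_delete(call: ToolCall) -> bool:
    return call.args.get("path", "") in ("", "/", "*")


# Assumed policy: ordered, first match wins. Anything unmatched is blocked.
POLICY = [
    Rule("*.read_*", Decision.ALLOW, reason="reads are low impact"),
    Rule("fs.delete", Decision.BLOCK, when=_wide_delete, reason="refuse wildcard delete"),
    Rule("*", Decision.REQUIRE_APPROVAL, when=_is_production, reason="production change needs a human"),
    Rule("*.write_*", Decision.ALLOW, reason="non-production write"),
    Rule("fs.delete", Decision.ALLOW, reason="scoped non-production delete"),
]


def authorize(call: ToolCall, grant: AgentGrant, policy=POLICY) -> tuple:
    """Decide one tool call at action time. Returns (Decision, reason)."""
    # The authorization gap: a live session is not authority. The grant must
    # belong to this agent identity and must cover the tool being invoked.
    if grant.agent_id != call.agent_id:
        return Decision.BLOCK, "grant does not belong to this agent identity"
    if not any(fnmatchcase(call.tool, scope) for scope in grant.scopes):
        return Decision.BLOCK, f"tool {call.tool} is outside the agent's granted scopes"
    # Evaluate rules against the current call and context, in order.
    for rule in policy:
        if fnmatchcase(call.tool, rule.tool) and (rule.when is None or rule.when(call)):
            return rule.decision, rule.reason
    return Decision.BLOCK, "no matching rule (deny by default)"


if __name__ == "__main__":
    grant = AgentGrant("agent-1", frozenset({"fs.*", "db.read_*"}))
    call = ToolCall("agent-1", "alice", "fs.write_file",
                    {"path": "/srv/app/config.yml"}, {"environment": "production"})
    print(authorize(call, grant))   # (Decision.REQUIRE_APPROVAL, 'production change needs a human')
```

The scope check runs before the rules on purpose: a tool the agent can reach (capability) but was never granted (authority) is blocked regardless of how permissive the rules are, and a missing rule falls through to block rather than allow.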
MCP
Model Context Protocol security and gateway patterns.
Agent Security
Threats and attack patterns that target LLM-driven agents.
Prompt Injection: Manipulating an LLM by smuggling instructions into its input. OWASP LLM01.
Indirect Prompt Injection: Hidden instructions embedded in content the agent reads, such as a webpage or a document.
OWASP LLM06: Excessive Agency: Top-ten risk for LLM applications (2025 list): an agent has more capability than the situation justifies.
Excessive Agency: When an agent's capability set exceeds its actual authority. The root cause behind many agent incidents.
Patterns
Human oversight and approval patterns adapted from finance and ops for AI agents.
Compliance
How to express, version, and verify agent controls.
Agent governance terms
New definitions for the vocabulary buyers use when agent actions need proof, policy, and approval.
Each of the following terms is defined for AI agent teams building runtime authorization, approval, and audit controls:
Agent runtime governance
Pre-action authorization
Tool-call audit trail
Approval gates
Approval fatigue
Policy enforcement point
Policy decision point
Agent service account
Capability versus authority
Action-level evidence
Signed decision record
Agent action ledger
Deterministic guardrails
Review-required action
Tool scope creep
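Several of the terms in this list (tool-call audit trail, action-level evidence, signed decision record, agent action ledger) describe one artifact: an append-only record of every decision the enforcement point made, each entry authenticated and linked to the one before it so that later editing is detectable. The block below is an added example written for this glossary, not code from the page or from any product it describes; the record fields, the HMAC-SHA256 construction and the sample entries are assumptions.

```python
"""Added example: a hash-chained, MAC-signed ledger of tool-call decisions.
Constructed for illustration; field names, key handling and sample data are assumed."""
import hashlib
import hmac
import json

GENESIS = "0" * 64   # prev-link value for the first record (assumed convention)


def canonical(obj: dict) -> bytes:
    """Stable byte encoding so the MAC covers exactly the same fields on verify."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class DecisionLedger:
    """Append-only list of signed decision records.

    Each record carries a MAC over its own fields plus the MAC of the previous
    record, so changing or reordering an entry breaks every link after it.
    The key would live in the enforcement point (or an HSM), never with the agent.
    """

    def __init__(self, key: bytes):
        self._key = key
        self.entries: list[dict] = []

    def append(self, agent_id: str, on_behalf_of: str, tool: str, args: dict,
               decision: str, reason: str, ts: int) -> dict:
        prev = self.entries[-1]["mac"] if self.entries else GENESIS
        record = {
            "seq": len(self.entries),
            "ts": ts,
            "agent_id": agent_id,
            "on_behalf_of": on_behalf_of,
            "tool": tool,
            # Hash the arguments rather than storing them: evidence of *what* was
            # decided without copying secrets or bulk data into the ledger.
            "args_sha256": hashlib.sha256(canonical(args)).hexdigest(),
            "decision": decision,
            "reason": reason,
            "prev": prev,
        }
        record["mac"] = hmac.new(self._key, canonical(record), hashlib.sha256).hexdigest()
        self.entries.append(record)
        return record

    def verify(self) -> tuple:
        """Return (True, -1) if intact, else (False, index_of_first_bad_record)."""
        for i, rec in enumerate(self.entries):
            expected_prev = self.entries[i - 1]["mac"] if i else GENESIS
            body = {k: v for k, v in rec.items() if k != "mac"}
            good_mac = hmac.new(self._key, canonical(body), hashlib.sha256).hexdigest()
            if rec["seq"] != i or rec["prev"] != expected_prev \
                    or not hmac.compare_digest(good_mac, rec["mac"]):
                return False, i
        return True, -1


def demo() -> tuple:
    """Build a small ledger, then tamper with one entry to show detection."""
    key = b"demo-key-do-not-use"          # assumed: a real PEP loads this from a KMS/HSM
    ledger = DecisionLedger(key)
    ledger.append("agent-1", "alice", "db.read_rows", {"table": "orders"}, "allow", "read", 1700000000)
    ledger.append("agent-1", "alice", "fs.write_file", {"path": "/srv/x"}, "require-approval", "prod", 1700000001)
    ledger.append("agent-1", "alice", "fs.delete", {"path": "/"}, "block", "wildcard delete", 1700000002)
    before = ledger.verify()
    ledger.entries[1]["decision"] = "allow"    # simulated after-the-fact edit
    after = ledger.verify()
    return before, after


if __name__ == "__main__":
    print(demo())   # ((True, -1), (False, 1))
```

One caveat worth keeping in mind: the chain detects modification and reordering, but silently dropping the newest records is invisible to `verify` alone. Periodically publishing the latest MAC somewhere the ledger writer cannot alter (a separate log, a signed timestamp, a second system) closes that gap.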
Use these definitions at the tool boundary.