Least Privilege (Glossary): The Default Security Rule for Agents
Least privilege means granting only the minimum permissions needed for a task—critical for tool-enabled agents.
Least Privilege
Definition: Least privilege is granting only the minimum access necessary for a task, and nothing more.
Why It Matters for Agents
Tool-enabled agents do not just answer; they act on real systems (files, accounts, APIs). Whatever permissions the agent holds define its blast radius, so overbroad permissions turn a small mistake, a manipulated prompt, or a leaked credential into a large incident.
Consider the difference:
| Scenario | Narrow Permissions | Broad Permissions |
|---|---|---|
| Agent makes mistake | Limited damage | Widespread damage |
| Agent is manipulated | Can only affect limited scope | Can affect everything |
| Credential leaked | Access to one thing | Access to everything |
How to Implement
Step 1: Define the Minimum
Ask: "What's the absolute minimum this task needs?"
- Read-only when possible
- Single account, not all accounts
- Specific folders, not entire drives
Step 2: Start Restricted
Begin with the narrowest permissions that could work:
✅ "Read rows 1-10 of this spreadsheet"
❌ "Full access to Google Sheets"
Step 3: Expand Only When Needed
If the task fails because a permission is missing, add only that permission, one grant at a time, and record why it was added. The record is what lets you later revoke grants that turned out to be unnecessary.
Step 4: Add Approval Gates
For any action that could cause harm if wrong:
- Sending messages → require approval
- Deleting files → require approval
- Making purchases → require approval
- Posting publicly → require approval
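The four steps above, worked through as a small permission-checked tool wrapper. This is an added example, not code from the original page or from any particular agent framework; the names (`Grant`, `Policy`, `ScopedSheetTool`, `demo`) and the in-memory sheet data are assumptions chosen for illustration. The agent only ever receives the wrapper, never the raw data or a real API client, so every call is checked against the current grants: a read outside the granted rows is denied, an expansion must carry a reason (Step 3), and a delete is refused until a human approver says yes even after it has been granted (Step 4).

```python
"""Least-privilege tool wrapper for an agent (added example; hypothetical names)."""
from enum import Enum
from typing import Callable, Dict, List, Optional, Tuple


class Action(Enum):
    READ = "read"
    DELETE = "delete"


class Grant:
    """One narrow permission: an action on one resource, optionally limited to a row range."""

    def __init__(self, resource: str, action: Action, rows: Optional[Tuple[int, int]] = None):
        self.resource, self.action, self.rows = resource, action, rows  # rows: inclusive, 1-based

    def covers(self, resource: str, action: Action, rows: Tuple[int, int]) -> bool:
        if resource != self.resource or action != self.action:
            return False
        return self.rows is None or (self.rows[0] <= rows[0] and rows[1] <= self.rows[1])


class PermissionDenied(Exception):
    pass


class ApprovalDenied(Exception):
    pass


GATED_ACTIONS = {Action.DELETE}  # Step 4: hard-to-undo actions always need a human approver


class Policy:
    """The agent's grants plus a record of every expansion and its reason (Step 3)."""

    def __init__(self, grants: List[Grant]) -> None:
        self.grants = list(grants)
        self.expansions: List[Tuple[Grant, str]] = []

    def allows(self, resource: str, action: Action, rows: Tuple[int, int]) -> bool:
        return any(g.covers(resource, action, rows) for g in self.grants)

    def expand(self, grant: Grant, reason: str) -> None:
        if not reason.strip():
            raise ValueError("every permission expansion needs a documented reason")
        self.grants.append(grant)
        self.expansions.append((grant, reason))


class ScopedSheetTool:
    """The only sheet interface the agent sees; every call is checked before it touches data."""

    def __init__(self, policy: Policy, sheets: Dict[str, List[str]],
                 approver: Callable[[str], bool]) -> None:
        self.policy, self.sheets, self.approver = policy, sheets, approver
        self.audit: List[str] = []  # constructed in-memory data; approver returns True only on human OK

    def _check(self, resource: str, action: Action, rows: Tuple[int, int]) -> None:
        if rows[0] < 1 or rows[1] < rows[0]:
            raise ValueError("bad row range %r" % (rows,))
        desc = "%s %s rows %d-%d" % (action.value, resource, rows[0], rows[1])
        if not self.policy.allows(resource, action, rows):
            self.audit.append("DENY " + desc)
            raise PermissionDenied(desc)
        if action in GATED_ACTIONS and not self.approver(desc):
            self.audit.append("BLOCKED (no approval) " + desc)
            raise ApprovalDenied(desc)
        self.audit.append("ALLOW " + desc)

    def read_rows(self, resource: str, start: int, end: int) -> List[str]:
        self._check(resource, Action.READ, (start, end))
        return self.sheets[resource][start - 1:end]

    def delete_rows(self, resource: str, start: int, end: int) -> int:
        self._check(resource, Action.DELETE, (start, end))
        removed = len(self.sheets[resource][start - 1:end])
        del self.sheets[resource][start - 1:end]
        return removed


def demo() -> Dict[str, object]:
    """Walk Steps 1-4 on constructed data; returns the outcome of each call."""
    sheets = {"sheet:expenses": ["row %d" % i for i in range(1, 21)]}  # constructed: 20 rows
    policy = Policy([Grant("sheet:expenses", Action.READ, (1, 10))])  # Steps 1-2: read-only, ten rows
    tool = ScopedSheetTool(policy, sheets, approver=lambda desc: False)  # nobody approves anything
    out: Dict[str, object] = {"in_scope": len(tool.read_rows("sheet:expenses", 1, 10))}
    try:
        tool.read_rows("sheet:expenses", 1, 20)  # beyond the granted rows
        out["out_of_scope"] = "allowed"
    except PermissionDenied:
        out["out_of_scope"] = "denied"
    # Step 3: the task genuinely needs rows 11-20, so expand once, with a reason.
    policy.expand(Grant("sheet:expenses", Action.READ, (11, 20)), "Q3 totals live in rows 11-20")
    out["after_expand"] = len(tool.read_rows("sheet:expenses", 11, 20))
    try:
        tool.delete_rows("sheet:expenses", 1, 5)  # never granted: denied before approval is asked
        out["delete"] = "allowed"
    except PermissionDenied:
        out["delete"] = "denied"
    # Step 4: once granted, a delete still waits on a human; with no approver it is blocked.
    policy.expand(Grant("sheet:expenses", Action.DELETE, (1, 5)), "cleanup of duplicate rows")
    try:
        tool.delete_rows("sheet:expenses", 1, 5)
        out["gated_delete"] = "allowed"
    except ApprovalDenied:
        out["gated_delete"] = "blocked"
    out["rows_left"] = len(sheets["sheet:expenses"])
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The point of the wrapper is where the check lives: in the tool the agent calls, not in the prompt. A prompt that says "only read rows 1-10" is advice the model can ignore when manipulated; a grant the wrapper enforces is a boundary it cannot cross, and the audit list gives the incident responder a record of what was denied and why.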
Common Mistakes
| Mistake | Better Approach |
|---|---|
| "Just give it admin access" | Start with no access, add incrementally |
| "It needs to read everything" | Define specific data sources |
| "Approvals slow things down" | Approvals prevent disasters |