Examples and Practice: Tool Injection and Excessive Agency¶
Worked Practice¶
- Write one paragraph explaining Tool Injection and Excessive Agency to a beginner.
- Draw the smallest diagram that shows input, transformation, output, and failure mode.
- Build or outline a tiny artifact connected to: Threat-model the Stage 6 agent.
- Measure it with: Track attacks, blocked actions, exposure, and residual risks.
- Add one failure case to your learning log.
Mini Project Drill¶
Create a file named notes/tool-injection-and-excessive-agency.md in your project workspace. Include:
- the problem Tool Injection and Excessive Agency solves
- the simplest implementation or design
- the measurement you used
- one example input
- one expected output
- one failure case
- one decision you would make from the result
Check Your Understanding¶
| Question | What a strong answer includes |
|---|---|
| Why does Tool Injection and Excessive Agency matter? | It connects to a threat model, red-team report, smart contract security lab, and tiny zkml or verifiable computation demo. and names a practical risk. |
| How would you test it? | It uses a small repeatable case and a measurable expected result. |
| What breaks first? | It names a specific failure mode, not only "the model is bad". |
| When should you move on? | When the artifact works on a realistic case and one edge case. |
Stretch Exercise¶
Revisit the same drill after finishing the next part. Update the note with what changed. This is how isolated concepts become connected system judgment.
Return to 9.1.2 Tool Injection and Excessive Agency.