# LLM Excessive Agency

- ID: python-llm-excessive-agency
- Severity: HIGH
- CWE: Missing Authorization (CWE-862)
- Languages: Python
- Frameworks: flask, django, fastapi

## Description

Detects LLM implementations with excessive autonomy that can lead to unintended consequences (OWASP LLM08 - Excessive Agency).

Excessive agency occurs when LLMs are granted:

- the ability to perform destructive operations without confirmation
- auto-execution of LLM-generated code or commands
- direct database modifications without approval
- financial transactions without human oversight

## Detection Message

Excessive LLM agency detected: {issue_type}

## Remediation

Require human approval for sensitive operations and set iteration limits.

```python
SENSITIVE_OPERATIONS = {'delete_record', 'send_email', 'process_payment'}
MAX_ITERATIONS = 10  # upper bound on tool calls the agent may perform in one turn

async def dispatch_tool_calls(response):
    """Gate sensitive tools behind human approval; run the rest, never past the limit."""
    for i, tool_call in enumerate(response.choices[0].message.tool_calls):
        if i >= MAX_ITERATIONS:
            break  # stop instead of letting the model chain an unbounded number of actions
        if tool_call.function.name in SENSITIVE_OPERATIONS:
            await queue_for_approval(tool_call)  # application's human-in-the-loop handler
        else:
            await execute_safe_tool_call(tool_call)  # application's executor for allowlisted tools
```

Learn more: https://shoulder.dev/learn/python/cwe-862/llm-excessive-agency
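As an added, self-contained illustration of the remediation above (example code, not part of the shoulder.dev rule or its documentation), the following synchronous agent loop applies both controls: sensitive tools are parked for human approval and the loop halts, tool names outside the allowlist are rejected rather than executed, and a round cap bounds a model that never stops calling tools. The `ToolCall`, `AgentState`, `dispatch` and `run_agent` names and the two stand-in models are assumptions constructed for the example.

```python
from dataclasses import dataclass, field

SENSITIVE_OPERATIONS = {"delete_record", "send_email", "process_payment"}  # constructed
SAFE_OPERATIONS = {"lookup_record", "search_docs"}  # constructed allowlist
MAX_ITERATIONS = 10  # hard cap on agent rounds

@dataclass
class ToolCall:
    name: str
    arguments: dict

@dataclass
class AgentState:
    executed: list = field(default_factory=list)          # safe calls that ran
    pending_approval: list = field(default_factory=list)  # sensitive calls parked for a human
    rejected: list = field(default_factory=list)          # names outside the allowlist
    halted_reason: str = ""

def dispatch(call: ToolCall, state: AgentState) -> str:
    """Route one tool call: sensitive -> approval queue, safe -> run, unknown -> reject."""
    if call.name in SENSITIVE_OPERATIONS:
        state.pending_approval.append(call)
        return "approval_required"
    if call.name in SAFE_OPERATIONS:
        state.executed.append(call)  # a real system would invoke the tool here
        return "executed"
    state.rejected.append(call)  # never execute a name the model made up
    return "rejected"

def run_agent(model) -> AgentState:
    """model(state) returns the next ToolCalls, or [] when done; stops on finish, approval or cap."""
    state = AgentState()
    for _ in range(MAX_ITERATIONS):
        calls = model(state)
        if not calls:
            state.halted_reason = "model_finished"
            return state
        for call in calls:
            dispatch(call, state)
        if state.pending_approval:
            state.halted_reason = "awaiting_human_approval"  # do not continue autonomously
            return state
    state.halted_reason = "iteration_limit"
    return state

def runaway_model(state):  # constructed stand-in: never finishes, exercises MAX_ITERATIONS
    return [ToolCall("lookup_record", {"id": 1})]

def destructive_model(state):  # constructed stand-in: a lookup followed by a delete
    return [ToolCall("lookup_record", {"id": 1}), ToolCall("delete_record", {"id": 1})]
```

Calling `run_agent(destructive_model)` leaves the delete in `pending_approval` and reports `awaiting_human_approval`; `run_agent(runaway_model)` stops after ten rounds with `iteration_limit`.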