ci-cd-injectionsneaks malicious steps into a build or deploy pipeline.cloud-resource-abusespins up or hijacks cloud resources to run up cost or mine.database-manipulationchanges, deletes, or dumps records it should not touch.oauth-manipulationabuses login tokens to gain access it was not given.email-injectionsends messages or hidden commands through a connected mailbox.
- Give the agent the least access it needs, not full keys to everything.
- Require a human approval step for risky actions like deletes, payments, or deploys.
- Validate where each command came from before running it on a real system.