CR · May 27

AgentGuard: An Attribute-Based Access Control Framework for Tool-Use LLM-Based Agent

arXiv:2605.28071 · 84.1 · h-index: 8 · Has Code
AI Analysis

For developers of LLM-based agents, this framework offers a practical security solution with minimal integration effort.

AgentGuard is an attribute-based access control framework for LLM-based agents that addresses security risks like privacy leakage and financial loss. It requires only ~10 lines of code modification and provides three inspection mechanisms for single-tool and cross-tool risks.

LLM-based agents have recently attracted significant attention due to their ability to autonomously invoke relevant tools to accomplish complex tasks. However, recent studies have shown that these agents face severe security risks, which may lead to privacy leakage, financial loss, or even full system compromise. In this paper, we present AgentGuard, an attribute-based access control framework for tool-use LLM-based agents. AgentGuard adopts a client-server architecture. On the client side, AgentGuard provides lightweight integration for agents implemented in different programming languages and architectures. It requires only minor code modifications (e.g., around 10 lines) without changing the underlying agent execution logic. On the server side, AgentGuard provides three complementary inspection mechanisms to cover both single-tool and cross-tool security risks in agent execution. In addition, it offers a visualized front-end interface for security policy specification and runtime auditing. Currently, AgentGuard is publicly accessible at https://github.com/WhitzardAgent/AgentGuard.
