AIUC-1 × OWASP AIVSS
The OWASP AI Vulnerability Scoring System enables organizations to quantify how agentic capabilities amplify security risks, producing numerical scores (0-10) that combine technical vulnerability severity with agent-specific factors like autonomy, tool access, and memory persistence.
AIUC-1 integrates the OWASP AIVSS, which is a technical contributor to AIUC-1. Certification against AIUC-1:
Covers all agent risks identified in AIVSS
Enables organizations to mitigate risks quantified in OWASP AIVSS
Incorporates AIVSS agent risk amplification factors in standard requirements
OWASP AIVSS crosswalks by risk
Agent Access Control Violation
Permission escalation, credential mismanagement, or role inheritance exploitation
Agent Cascading Failures
Cross-system exploitation where one compromised agent propagates damage
Agent Goal and Instruction Manipulation
Prompt injection and semantic hijacking of agent objectives
Agent Identity Impersonation
Spoofing of agent or human identities through deepfakes or credential theft
Agent Memory and Context Manipulation
Poisoning persistent memory or exploiting context drift
Agent Orchestration and Multi-Agent Exploitation
Attacks targeting coordination mechanisms between agents
Agent Supply Chain and Dependency Risk
Compromised models, libraries, or third-party tools
Agent Untraceability
Inability to audit agent decision chains or attribute actions
Agentic AI Tool Misuse
Compromised tool selection, insecure invocation, or lack of oversight
Insecure Agent Critical Systems Interaction
Unauthorized manipulation of infrastructure, IoT, or operational technology
The Security, Safety, and Reliability standard for AI agents
Stay up to date with AIUC-1
© 2026.AIUC