Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Identifies Copilot Studio AI agents with Model Context Protocol (MCP) tools configured using maker credentials. This configuration can create security risks because the tool runs with the makers personal permissions. Any user interacting with the agent could indirectly gain access to resources the maker can access. I compromised, the agent could be used to perform actions with the makers privileges. Recommended Action: Replace maker credentials with secure alternatives like managed identities
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | 7e9f6a0b-1c2d-3e4f-5a6b-7c8d9e0f1a2b |
| Tactics | CredentialAccess, PrivilegeEscalation |
| Techniques | T1078, T1552 |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
AIAgentsInfo |
? | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊