LLM AuthZ Handbook: A Practical Guide for AI Builders and Users (flatt.tech)

Software engineer Umeuchi published the "LLM AuthZ Handbook," a practical guide that reframes authorization control for environments that embed LLMs or AI agents. The handbook targets both “AI users” (developers who use LLMs in their workflows) and “AI builders” (product teams embedding LLMs), arguing that conventional, human-centric access control assumptions break down when agents act with autonomy. It frames the issue as urgent: misconfigured agent privileges can cause data leaks, unauthorized edits, or function misuse — risks now captured in OWASP’s LLM06:2025 “Excessive Agency.” Technically, the handbook reviews core authorization models (RBAC, ABAC, ReBAC) and the Principle of Least Privilege, then explains AI-specific failure modes: unpredictable agent behavior, expanded attack surfaces when agents access internal systems (e.g., for RAG), and the complexity of dynamically combining agent and user permissions. It highlights three root causes—excessive functionality, excessive permission, and excessive autonomy—and implies practical controls: minimize agent capabilities, apply fine-grained, context-aware policies that merge user and agent attributes safely, and enforce runtime checks (prompt/content inspection, filtering, and approval gates). For builders and integrators, the takeaway is to adapt authorization architecture and runtime guardrails to treat AI agents as distinct subjects whose agency must be constrained and audited.