A security alert triggers an agentic system.

Basic Concept: Agentic AI systems that execute shell commands based on model-generated output are vulnerable to prompt injection attacks where malicious actors craft inputs that cause the agent to run unauthorized commands. Input validation using allowlists is a critical defense mechanism. CompTIA SecAI+ Study Guide covers agentic AI security controls.

Why A is Correct: Adding logic that validates shell commands against an approved allowlist before execution is the most direct and effective defense. This ensures only pre-approved, safe commands can be executed regardless of what the agentic system ' s model generates, preventing malicious command injection from reaching the operating system. This principle of allowlist-based input validation is a foundational secure agentic AI control.

Why B is Wrong: Deprecating and retraining the model is a lengthy process that addresses root cause training issues but does not provide immediate protection against ongoing injection attacks in the current deployed system.

Why C is Wrong: Modifying the application to ignore a specific tag merely removes one attack surface while leaving the system vulnerable to other injection vectors. It is not a comprehensive defense.

Why D is Wrong: Using only approved libraries controls which code libraries the agentic system can call, but does not validate or restrict the shell commands generated by the model at runtime based on arbitrary user input.