{"data":{"id":"c2cfa757-09c9-4f2f-819e-9fcd17d92982","title":"Copilot Studio agent security: Top 10 risks you can detect and prevent","summary":"Copilot Studio agents, which are AI systems that automate tasks and access organizational data, often have security misconfigurations like being shared too broadly, lacking authentication, or running with excessive permissions that create attack opportunities. The source identifies 10 common misconfigurations (such as agents exposed without authentication, using hard-coded credentials, or capable of sending emails) and explains how to detect them using Microsoft Defender's Advanced Hunting tool and Community Hunting Queries. Organizations need to understand and detect these configuration problems early to prevent them from being exploited as security incidents.","solution":"To detect and address these misconfigurations, use Microsoft Defender's Advanced Hunting feature and Community Hunting Queries (accessible via: Security portal > Advanced hunting > Queries > Community Queries > AI Agent folder). The source provides specific Community Hunting Queries for each risk type, such as 'AI Agents – Organization or Multi-tenant Shared' to detect over-shared agents, 'AI Agents – No Authentication Required' to find exposed agents, and 'AI Agents – Hard-coded Credentials in Topics or Actions' to locate credential leakage risks. Each section of the source dives deeper into specific risks and recommends mitigations to move from awareness to action.","labels":["security","safety"],"sourceUrl":"https://www.microsoft.com/en-us/security/blog/2026/02/12/copilot-studio-agent-security-top-10-risks-detect-prevent/","publishedAt":"2026-02-12T20:38:49.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["prompt_injection","supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft Copilot Studio","Microsoft Defender"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}