Zero-Click Agentic AI Attack Bypasses Human Oversight

The document presents Microsoft AI Red Team's Taxonomy of Failure Modes v2.0, describing seven systemic vulnerabilities in agentic AI that enable sophisticated zero-click HitL bypasses (e.g., cross-domain prompt injection, session contamination, plugin/MCP abuse), summarizes year-long red-team operational evidence, and provides architectural mitigations such as SBOMs for agentic dependencies, cryptographic identity for inter-agent trust, hardened consent flows, and provenance-tracked session contexts.