Source Context & Analysis
Twelve cross-layer attack vectors and a five-dimensional threat taxonomy for everything that can go wrong when agents transact autonomously.
This is the first formal systematization-of-knowledge specifically on agentic-commerce security, distinct from generic LLM security or generic agent security. The 5×12 threat-taxonomy structure (5 dimensions × 12 attack vectors) gives the field a vocabulary it has been missing. Corpus-relevant moves: (1) Dimension D2 (transaction authorization) maps directly onto the AP2/ACP/MPP/x402 protocol set, validating the Taxonomy paper's framing that these are the operational primitives. (2) Dimension D3 (inter-agent trust) motivates the entire identity-standards cluster (ARIA, AIS-1, AID, ERC-8004) by showing what breaks without it. (3) Dimension D5 (regulatory compliance) closes the loop with D9 (Nannini). Coded definition_type 'taxonomic' because the paper's primary contribution is the threat-classification scheme rather than a model or framework.
Tags
Category D: Analytical and Regulatory
They analyze what Categories A through C will do to markets, workers, and systemic stability.