NetSuite Changelog
SecuritySecurityIntegrationNew FeatureRelease Notes

Technical Safeguards for External AI Agents in NetSuite

Technical safeguards help mitigate risks associated with external AI agents in NetSuite, enhancing security and compliance.

·3 min read·View Oracle Docs

TL;DR Opening

Technical safeguards are essential for managing the risks associated with external AI agents and large language models (LLMs) in NetSuite. This article discusses the potential threats, available controls, and strategies to mitigate these risks for both end-users and administrators.

Understanding the Risks of LLMs

The integration of AI agents and LLMs can introduce several significant risks to organizations:

  • Prompt Injection: This occurs when malicious actors insert hidden instructions into content processed by an LLM, potentially allowing unauthorized actions that can leak sensitive data.
  • Hallucination: AI agents might generate outputs that seem plausible but are actually inaccurate or entirely fabricated.

Consequences of Risks

Both prompt injection and hallucination can lead to:

  • Unintended Actions: The AI may execute commands such as unauthorized payments or approvals.
  • Data Corruption: Actions could lead to accidental deletion or modification of important data.
  • Sensitive Information Disclosure: There is a risk that confidential information could be accessed by unauthorized individuals.

Security Controls in NetSuite

While some risks are inherent to LLMs and cannot be completely eliminated, NetSuite provides several controls for administrators and users to mitigate the impact:

  • Controlled User Access: Administrators must explicitly grant MCP permissions to roles; no role has default access.
  • Permission Limitations: MCP tools operate under the same permissions as the user, ensuring that no high-level administrative actions can be executed inadvertently.
  • Restricted API Actions: MCP tools cannot run as elevated roles, invoke certain SuiteScript scripts, or send HTTP requests to external sites.
  • Logging and Traceability: All actions performed through MCP tools are logged for accountability.
  • User Consent: Each AI agent must obtain explicit consent during the OAuth 2.0 authorization process.

Enabling AI Agents in NetSuite

By default, the option to use external AI agents in NetSuite is disabled. Enabling this feature involves:

Steps for Account Administrators

  1. Assign MCP Permissions: Grant necessary permissions to users authorized to utilize AI agents.
  2. Install MCP Tools: Define the specific actions available to these external agents through installed MCP tools.
  • Important: Actions available to AI agents are limited to those permitted by the installed MCP tools, and only users with correct permissions can execute these functions.

Steps for End Users

  1. Configure an External AI Agent: Set up the agent within your NetSuite environment.
  2. Authorize Access: Ensure the agent is authorized to act on your behalf in NetSuite.

Mitigation Strategies

To combat known weaknesses like prompt injection and hallucination, consider the following mitigation strategies:

  • Vendor and Tool Trustworthiness: Only connect with reputed AI agents and trusted MCP tools.
  • Access Management: Limit MCP permissions to only necessary users, avoiding high-privilege accounts.
  • Scope Limitation: Only enable the MCP tools essential for business needs and control which tools are available to AI agents.
  • User Awareness: Educate users about the risks and ensure they are informed about confirming actions taken by AI agents.
  • Technical Safeguards: Run MCP tools with caution, especially those accessing local file systems, and prefer sandbox environments for enhanced security.

Compliance Risks

When using MCP, organizations should be aware of regulatory limitations concerning AI tools. Compliance may vary by location, particularly in sensitive areas like HR and finance, requiring careful consideration and adherence to applicable laws.

Source: This article is based on Oracle's official NetSuite documentation.

Key Takeaways

  • Use technical safeguards to minimize risks associated with external AI agents.
  • Prompt injection and hallucination can lead to unintended actions and data corruption.
  • MCP permissions must be tightly controlled to prevent unauthorized access.
  • User education and awareness are critical for safe AI usage.
  • Continuous monitoring and updates of permissions are essential for compliance and security.

Frequently Asked Questions (4)

Do I need to enable a feature flag to use external AI agents in NetSuite?
Yes, by default, the option to use external AI agents in NetSuite is disabled. Account administrators need to enable this feature by granting necessary MCP permissions to the desired users.
What permissions are required to operate MCP tools in NetSuite?
Administrators must assign MCP permissions explicitly since no role has default access. MCP tools operate under the same permissions as the user, ensuring that only authorized users can execute certain functions.
What are the potential risks associated with using external AI agents in NetSuite?
The main risks include prompt injection, where malicious instructions could cause unauthorized actions, and hallucination, where AI outputs incorrect or fabricated information, potentially leading to unintended actions, data corruption, or unauthorized disclosure of sensitive information.
How does NetSuite help mitigate risks from prompt injection and hallucination?
NetSuite mitigates these risks by enforcing controlled user access, restricting API actions, logging all activities for accountability, and requiring user consent for AI agents during OAuth 2.0 authorization. Additionally, administrators are advised to connect only with reputable AI agents and trusted MCP tools.
Source: Technical Safeguard Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in Security

View all Security articles →