Agentic Third-Party Risk
33% of enterprise software will be agentic by 2028. 40% of those projects will be canceled due to governance failures. A risk overview for CTOs.
What CTOs need to know about agentic third-party risk
33% of enterprise software will include agentic AI by 2028, up from less than 1% in 2024 (Gartner). These agents use third-party skills, MCP servers, and tool integrations that most security teams have no process for vetting. 40% of agentic AI projects will be canceled by end of 2027 due to inadequate risk controls (Gartner). See agent governance for compliance frameworks.
Traditional vendor risk management evaluates software as a static artifact. Agentic third-party risk evaluates behavior: what an agent does with the tools you gave it, how it interacts with external services, and whether its outputs are safe to merge. This is a new risk category that existing security controls do not cover.
Three risk categories
Skill supply chain
36.82% of 3,984 agent skills have known vulnerabilities. 13.4% have critical issues including credential theft and data exfiltration (Snyk ToxicSkills, Feb 2026). See building secure skills.
Protocol security (MCP)
7.2% of 1,899 open-source MCP servers contain vulnerabilities. 5.5% exhibit tool poisoning. 85%+ of identified attacks compromise at least one platform. See MCP security.
Agent-to-agent trust
Multi-agent systems enable 58-90% success rates for arbitrary code execution. Some configurations reach 100% (arXiv:2503.12188). See agent attack landscape.
What traditional VRM misses
Traditional SAST/DAST: Finds code vulnerabilities in static artifacts
Traditional SCA: Finds dependency vulnerabilities in package manifests
XOR: Evaluates agent behavior (what the agent does with its tools, how skills interact, whether the output is safe to merge)
Gap: No existing tool evaluates runtime agent behavior against third-party skill integrity
Key stats from published research
36.82%: Agent skills with any security flaw, of 3,984 audited (Snyk ToxicSkills)
85%+: MCP attacks compromising at least one platform (MCPSecBench)
20%: Jailbreak success rate across 2,000+ LLM apps (Pillar Security)
92%: AI vendors claiming broad data usage rights (Stanford CodeX)
FAQ
What is agentic third-party risk?
AI agents use external tools, MCP servers, and skills with real permissions. 36.82% of agent skills have vulnerabilities (Snyk ToxicSkills, 3,984 audited, Feb 2026). Traditional vendor risk management doesn't evaluate agent behavior.
How fast is agentic AI adoption growing?
33% of enterprise software will include agentic AI by 2028, up from less than 1% in 2024 (Gartner). 40% of agentic AI projects will be canceled by end of 2027 due to inadequate risk controls.
How does XOR address third-party agent risk?
XOR verifies agent behavior, not just agent code. The platform scans skills for vulnerabilities, checks MCP server integrity, and produces signed compliance evidence for every triage.