UC-016
UC-016: Hidden/Extra Args in Tool Call
Layer: B — Dispatch Enforcement Threat: Tool Misuse / Parameter Injection
Scenario
A tool call includes valid declared arguments plus additional undeclared fields that could influence downstream behavior.
Expected Behavior
- Extra fields in tool call args →
DENY - Deny-on-unknown-fields enforced at schema PEP
- Signed deny receipt produced
Pass Criteria
- Verdict:
DENY - Extra fields rejected, not silently ignored
- Receipt: signed with full ArgsHash