The Granularity Mismatch

The structural gap between the granularity at which security systems check (individual actions) and the granularity at which threats operate (sequences of actions).

Why It Happens

Authorization systems are designed to check individual actions: does this agent have permission to read this file? To call this API? To write to this log? But real-world attacks are never single actions - they are sequences of individually valid actions that compose into unauthorized outcomes. The gap between atomic authorization and molecular threat is architectural, not a bug to fix.

Why It Matters

You cannot secure an agent system by improving individual permission checks. The threat exists at a granularity the security system cannot see. Adding more atomic checks is like adding pixels to a photo blurred by a bad lens - the problem is focus, not resolution. This implies a fundamental ceiling on action-level security for agent systems.

The Fix / Implication

Security must operate at the sequence level, not the action level. Banking learned this with behavioral anomaly detection (valid card + valid PIN + impossible geography = fraud). Agent systems need equivalent sequence-level monitoring. The computational cost is the hard problem - checking every possible sequence of valid actions for unauthorized compositions is combinatorially expensive.