This paper introduces Exploit Class Deprecation as a governance principle for environments where AI systems can autonomously chain vulnerabilities, iterate attacks, and explore exploit paths without human limitations. Traditional security models evaluate risk based on the probability that a human attacker can weaponize a specific bug. In AI‑accelerated environments, this assumption no longer holds: exploitation becomes an environmental property rather than a human‑bounded probability. Exploit Class Deprecation reframes governance around redesigning the substrate so that entire categories of attack lose their leverage, independent of individual vulnerabilities. This principle aligns with emerging architectural patterns such as hardware‑bound credentials, memory‑safe languages, and capability‑based security. The full paper formalizes the invariants, design patterns, and substrate‑layer constraints required to govern agentic systems safely.
Narnaiezzsshaa Truong (Thu,) studied this question.