Excessive agency in large language models (LLMs) refers to the behavior where an LLM takes actions, makes decisions, or provides information beyond its intended scope or authorization level. This can lead to unauthorized decisions that impact businesses, customers, and reputation. To address this growing concern, AI deployments rapidly scale across industries, the Open Worldwide Application Security Project has formalized excessive agency as "OWASP LLM06:2025 Excessive Agency" in their top 10 LLM vulnerability framework. Effective management of excessive agency requires both proactive monitoring to detect problematic behaviors and robust mitigation strategies to prevent them. This multi-layered approach ensures LLMs remain helpful while operating within appropriate boundaries. To mitigate excessive agency, AI teams can implement quantitative agency metrics, deploy real-time agency monitoring systems, use advanced prompt engineering techniques, apply model fine-tuning strategies, and design system-level control mechanisms. By leveraging these approaches, teams can identify, understand, and address excessive agency issues in their LLM applications and avoid costly mistakes.