Skip to content
ATR-2026-00117criticalAgent Manipulationexperimental

Agent Identity Spoofing and Authority Impersonation

Detects agents or messages that impersonate other agents, system components, or supervisory roles. In multi-agent architectures, agents rely on identity claims to establish trust. An attacker can craft messages claiming system-level authority, admin status, or supervisor identity to trick other agents into executing privileged operations, bypassing safety checks, or disclosing sensitive information.

Severity
critical
Category
Agent Manipulation
Scan Target
mcp
Author
ATR Community

Response Actions

block toolalertsnapshot

References

OWASP Agentic
ASI07:2026 - Insecure Inter-Agent CommunicationASI10:2026 - Rogue Agents
View full YAML on GitHub →

More Agent Manipulation Rules

ATR-2026-00030criticalCross-Agent Attack DetectionATR-2026-00032highAgent Goal Hijacking DetectionATR-2026-00074criticalCross-Agent Privilege EscalationATR-2026-00076highInsecure Inter-Agent Communication DetectionATR-2026-00077highHuman-Agent Trust Exploitation Detection