ATR-2026-00030 | critical | Agent Manipulation | experimental
Cross-Agent Attack Detection
Consolidated detection for cross-agent attacks in multi-agent systems, covering both impersonation and prompt injection vectors. Detects when one agent spoofs another agent's identity, injects manipulative instructions into inter-agent messages, forges system-level message tags, attempts orchestrator bypass, injects fake status or error messages, or manipulates message format conventions to deceive target agents. These attacks exploit trust relationships between agents to achieve unauthorized actions, data exfiltration, or safety bypass.
Severity
critical
Category
Agent Manipulation
Scan target
mcp
Author
ATR Community
Recommended response
block input, escalate, quarantine session, kill agent, snapshot
References
OWASP Agentic
ASI01:2026 - Agent Goal Hijack
ASI07:2026 - Insecure Inter-Agent Communication
ASI10:2026 - Rogue Agents
OWASP LLM
LLM01:2025 - Prompt Injection
LLM06:2025 - Excessive Agency
LLM05:2025 - Improper Output Handling
MITRE ATLAS
AML.T0051 - Prompt Injection
AML.T0043 - Craft Adversarial Data
AML.T0052.000 - Spearphishing via Social Engineering LLM