@stefanoamorelli

Summary

Expanded the ASI07 Insecure Inter-Agent Communication document with comprehensive vulnerability analysis and mitigation strategies.

Changes

  • Added detailed description explaining the unique challenges of securing inter-agent communications
  • Included 6 comprehensive vulnerability examples spanning OSI layers 2-7
  • Added detailed prevention and mitigation strategies
  • Included 6 realistic attack scenarios
  • Added references to MITRE ATLAS, NIST AI RMF, Byzantine fault tolerance research, and protocol documentation

Impact

This update transforms ASI07 from a template into a complete security reference for inter-agent communication vulnerabilities in multi-agent systems.

- Add detailed description of inter-agent communication vulnerabilities
- Include 6 comprehensive vulnerability examples covering OSI layers
- Add prevention and mitigation strategies
- Include 6 detailed attack scenarios
- Add references to MITRE ATLAS, NIST AI RMF, and relevant research
Collaborator

@itskerenkatz left a comment

AMAZING WORK
I have left a few minor comments; the most important of them is the lack of mapping to former OWASP frameworks (see the comment).

- Add Reference Links section mapping ASI07 to OWASP Top 10 for LLMs (LLM01, LLM03-06), Agentic AI Threats, and AIVSS
- Add Example 7 on Agent Identity Impersonation and Spoofing Attacks
- Add Scenario G demonstrating identity spoofing in healthcare multi-agent system
- Add mention of data exposure between agents with different permission levels
- Update reference titles for accuracy (Byzantine Fault Tolerance, Resilient Consensus)
- Reorganize references into single numbered list following ASI document format

Addresses feedback from @itskerenkatz in PR OWASP#729
@stefanoamorelli
Author

Thanks a lot for your review @itskerenkatz, I've addressed your feedback!

- Add Example 8: Prompt Infection and self-replicating communication attacks
- Add Example 9: Steganographic Collusion and covert channels
- Expand Example 7 with Sybil attack coverage for decentralized systems
- Add Scenario H: Prompt infection propagation in document processing
- Add Scenario I: Steganographic collusion in financial trading
- Add Runtime Detection and Response mitigation category (8 strategies)
- Enhance description with agent-specific communication dynamics
- Add 3 cutting-edge research references (2024-2025):
  * Prompt Infection paper (arXiv:2410.07283)
  * Secret Collusion via Steganography (arXiv:2402.07510)
  * Open Challenges in Multi-Agent Security (arXiv:2505.02077)
- Remove formal vulnerability definition for better flow
- Remove shared state example to maintain communication focus

All references verified and accessible. Document now covers both
traditional (MITM, replay, spoofing) and emerging (infection,
collusion) threats specific to multi-agent communication.