Skills
Defend Agent2Agent systems against session smuggling between cooperating agents
Unit 42 demonstrated 'agent session smuggling' in A2A setups, where a malicious agent injects instructions that ride along an inter-agent session to manipulate a trusted peer agent into actions outside the user's intent. If you run multi-agent or A2A topologies, isolate per-agent context, validate inbound messages from other agents as untrusted input, and require provenance or attestation on cross-agent requests. Treat agent-to-agent channels with the same skepticism as external user input.
↳ Follow the thread