Agents
Varonis discloses 'Rogue Agent' — a Dialogflow CX flaw letting one permission poison a shared agent runtime
Varonis Threat Labs disclosed Rogue Agent, a Google Dialogflow CX issue in Playbook Code Blocks where a user holding a single update permission on one agent could inject persistent code into a shared managed execution environment. It's a lateral-movement / privilege-escalation pattern specific to multi-agent platforms where agents share an execution substrate. The finding underscores that per-agent permissions are insufficient when runtime state is shared across agents.
Source
↳ Follow the thread