Skip to content

Agentic Exploits & Incidents #707

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 6, 2025
Merged

Agentic Exploits & Incidents #707

merged 1 commit into from
Sep 6, 2025

Conversation

@guerilla7
Copy link
Collaborator

@guerilla7 guerilla7 commented Sep 5, 2025
edited by github-actions bot
Loading

Initial list of Agentic Incidents & Exploits

Table of Agentic incidents and exploits

Key Changes:

  • List major changes and core updates
  • Keep each line under 80 characters
  • Focus on the "what" and "why"

Added:

  • New features/functionality
  • New files/configurations
  • New dependencies

Changed:

  • Updates to existing code
  • Configuration changes
  • Dependency updates

Removed:

  • Deleted files/code
  • Removed dependencies
  • Cleaned up configurations

Generated Summary:

  • Added a new markdown file: ASI_Agentic_Exploits_Incidents.md.
  • This file serves as a master list for ASI Exploits and Incidents, aligning with the OWASP Top 10 for Agentic Applications.
  • The document facilitates analysis of real-world incidents, contributing to the understanding of vulnerabilities in agentic applications.
  • Outlined key guidelines for handling exploits and incidents, ensuring focus on agentic threats.
  • Included an extensive table listing various critical exploits and incidents, summarizing impacts and mapping to ASI Threats & Mitigations.
  • Notable incidents detailed include:
    • EchoLeak: Critical zero-click exploit leaking confidential data.
    • GitPublic Issue Repo Hijack: Exploit leading to private repo content leakage.
    • AgentSmith Prompt-Hub Proxy Attack: Incident of API key exfiltration.
  • This addition enhances resource availability for incident response and vulnerability reporting within the GenAI Security project.

This summary was generated with ❤️ by rigging

@guerilla7
Add files via upload
6904ea6 
Initial list of Agentic Incidents & Exploits

Signed-off-by: Ron F. del Rosario <[email protected]>
@guerilla7 guerilla7 requested a review from hoeg as a code owner September 5, 2025 05:10
@jsotiro jsotiro merged commit e8a71b7 into main Sep 6, 2025
3 checks passed
@jsotiro jsotiro deleted the guerilla7-patch-1 branch September 6, 2025 14:38
felipepenha pushed a commit to felipepenha/www-project-top-10-for-large-language-model-applications that referenced this pull request Dec 1, 2025
@jsotiro
Merge pull request OWASP#707 from OWASP/guerilla7-patch-1
bf88012 
Agentic Exploits & Incidents
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hoeg hoeg hoeg approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@guerilla7 @hoeg @jsotiro