Merge pull request OWASP#711 from jsotiro/main

itskerenkatz · web-flow · commit d7472780bdc2 · 2025-09-11T02:29:31.000+03:00
Merged sprint 1 example entires files updates by John
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI01_Agent_Behaviour_Hijack .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI01_Agent_Behaviour_Hijack .md
@@ -0,0 +1,28 @@
+## ASI01 – Agent Behaviour Hijack
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI02_Tool_Misuse_and_Exploitation .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI02_Tool_Misuse_and_Exploitation .md
@@ -0,0 +1,28 @@
+## ASI02 – Tool Misuse and Exploitation
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI03_Identity_and_Privilege_Abuse .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI03_Identity_and_Privilege_Abuse .md
@@ -0,0 +1,28 @@
+## ASI03 – Identity & Privilege Abuse
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI04_Agentic_Supply_Chain_Vulnerabilities .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI04_Agentic_Supply_Chain_Vulnerabilities .md
@@ -0,0 +1,28 @@
+## ASI04 – Agentic Supply Chain Vulnerabilities
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI05_Unexpected_Code_Execution_RCE .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI05_Unexpected_Code_Execution_RCE .md
@@ -0,0 +1,28 @@
+## ASI05 – Unexpected Code Execution (RCE)
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI06_Memory_and_Context_Poisoning .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI06_Memory_and_Context_Poisoning .md
@@ -0,0 +1,28 @@
+## ASI06 – Memory & Context Poisoning
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI07_Insecure_Inter_Agent_Communication .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI07_Insecure_Inter_Agent_Communication .md
@@ -0,0 +1,28 @@
+## ASI07 – Insecure Inter-Agent Communication
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI08_Cascading_Failures .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI08_Cascading_Failures .md
@@ -0,0 +1,28 @@
+## ASI08 – Cascading Failures
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI09_Human_Agent_Trust_Exploitation .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI09_Human_Agent_Trust_Exploitation .md
@@ -0,0 +1,28 @@
+## ASI09 – Human-Agent Trust Exploitation
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI10_Rogue_Agents .md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/ASI10_Rogue_Agents .md
@@ -0,0 +1,28 @@
+## ASI10 – Rogue Agents
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/README.md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/README.md
@@ -0,0 +1,16 @@
+# Top Ten for Agentic Applications – 1st Public Draft
+
+The public draft was the result of consolidating the initial 0.5-initial-candidates based on the ASI Threats and Mitigations.
+
+| ID    | Title                               | Description                                                                 |
+|-------|-------------------------------------|-----------------------------------------------------------------------------|
+| [ASI01](ASI01_Agent_Behaviour_Hijack.md) | Agent Behaviour Hijack              | Manipulating an agent’s goals/plans to pursue attacker-aligned objectives.  |
+| [ASI02](ASI02_Tool_Misuse_and_Exploitation.md) | Tool Misuse and Exploitation        | Tricking agents into using their tools in harmful or unintended ways.       |
+| [ASI03](ASI03_Identity_and_Privilege_Abuse.md) | Identity & Privilege Abuse          | Impersonating agents or escalating access through identity/auth weaknesses. |
+| [ASI04](ASI04_Agentic_Supply_Chain_Vulnerabilities.md) | Agentic Supply Chain Vulnerabilities| Introducing insecure models, agents, tools or artefacts compromising integrity. |
+| [ASI05](ASI05_Unexpected_Code_Execution_RCE.md) | Unexpected Code Execution (RCE)     | Triggering unauthorized or unsafe code execution through agent behaviors.   |
+| [ASI06](ASI06_Memory_and_Context_Poisoning.md) | Memory & Context Poisoning          | Corrupting agent memory or context to distort reasoning and decision-making.|
+| [ASI07](ASI07_Insecure_Inter_Agent_Communication.md) | Insecure Inter-Agent Communication  | Poisoning messages or abusing protocols between agents to alter behavior.   |
+| [ASI08](ASI08_Cascading_Failures.md) | Cascading Failures                  | Faults or hallucinations propagate through agents, causing compounded failures. |
+| [ASI09](ASI09_Human_Agent_Trust_Exploitation.md) | Human-Agent Trust Exploitation      | Exploiting over-trust or fatigue in human oversight to enable misuse, including deceptive behaviours. |
+| [ASI10](ASI10_Rogue_Agents.md) | Rogue Agents                        | Malicious or compromised agents acting autonomously to deceive, disrupt, or exfiltrate. |
diff --git a/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/_template.md b/initiatives/agent_security_initiative/agentic-top-10/Sprint 1-first-public-draft-expanded/_template.md
@@ -0,0 +1,28 @@
+## Vulnerability Name
+
+**Description:**
+
+A brief description of the vulnerability that includes its potential effects such as system compromises, data breaches, or other security concerns.
+
+**Common Examples of Vulnerability:**
+
+1. Example 1: Specific instance or type of this vulnerability.
+2. Example 2: Another instance or type of this vulnerability.
+3. Example 3: Yet another instance or type of this vulnerability.
+
+**How to Prevent:**
+
+1. Prevention Step 1: A step or strategy that can be used to prevent the vulnerability or mitigate its effects.
+2. Prevention Step 2: Another prevention step or strategy.
+3. Prevention Step 3: Yet another prevention step or strategy.
+
+**Example Attack Scenarios:**
+
+Scenario #1: A detailed scenario illustrating how an attacker could potentially exploit this vulnerability, including the attacker's actions and the potential outcomes.
+
+Scenario #2: Another example of an attack scenario showing a different way the vulnerability could be exploited.
+
+**Reference Links:**
+
+1. [Link Title](URL): Brief description of the reference link.
+2. [Link Title](URL): Brief description of the reference link.
