SAIL 2.0

/

Operate - Safe Execution Environment - Sandbox

/

Cross-Agent / Inter-Agent Abuse

6.7

.

Cross-Agent / Inter-Agent Abuse

sail
6.7
Risk

Cross-Agent / Inter-Agent Abuse

Description

Multiple agents collude, or one agent writes code/files that another executes with higher privilege, bypassing intended isolation or review. Includes A2A protocol attacks and MCP-gateway smuggling.

Example

Agent A writes a file that Agent B (with higher privileges) executes via A2A handoff, sidestepping controls.

Assets Affected

Agentic Platform

Agent Config

Agent Communication Protocol (ACP)

MCP Server

Mitigation
  • Isolate agent workspaces
  • audit and restrict cross-agent file/code handoff
  • monitor inter-agent communications and A2A handoffs for policy violations
  • cryptographically scope tokens at handoff.
Standards Mapping
  • ISO: A.9.3, A.6.2.6
  • OWASP agentic: ASI07, ASI03
  • OWASP LLM: LLM06:2025
  • EU AI Act: Art. 14, Art. 15(5)
  • DASF: Agents-Core 13.12, Agents-Core 13.13
  • AIUC-1: B006, B008