Risk
Cross-Agent / Inter-Agent Abuse
Description
Multiple agents collude, or one agent writes code/files that another executes with higher privilege, bypassing intended isolation or review. Includes A2A protocol attacks and MCP-gateway smuggling.
Example
Agent A writes a file that Agent B (with higher privileges) executes via A2A handoff, sidestepping controls.
Assets Affected
Agentic Platform
Agent Config
Agent Communication Protocol (ACP)
MCP Server
Mitigation
- Isolate agent workspaces
- audit and restrict cross-agent file/code handoff
- monitor inter-agent communications and A2A handoffs for policy violations
- cryptographically scope tokens at handoff.
Standards Mapping
- ISO: A.9.3, A.6.2.6
- OWASP agentic: ASI07, ASI03
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 14, Art. 15(5)
- DASF: Agents-Core 13.12, Agents-Core 13.13
- AIUC-1: B006, B008