SAIL 2.0

/

Build - AI Security Posture Management

/

Insecure Agent Instructions Prompt and Configuration Design

3.2

.

Insecure Agent Instructions Prompt and Configuration Design

sail
3.2
Risk

Insecure Agent Instructions Prompt and Configuration Design

Description

Poorly designed agent instructions prompts, agent rules files, or agent configurations (e.g., AGENTS.md, .cursor/rules, agent.yaml) that are easily bypassed, manipulated, or that inadvertently leak sensitive contextual information or instructions.

Example

An attacker plants a hidden-Unicode instruction in the agent’s SOUL.md

Assets Affected

System Prompt

Agent Config

Mitigation
  • Employ robust prompt and configuration engineering techniques
  • sanitize inputs intended for prompts and configs
  • minimize sensitive data in prompts
  • iteratively test prompts for vulnerabilities
  • scan configs for hidden Unicode and injection vectors
  • document prompt and config design and rationale.
Standards Mapping
  • ISO: A.6.2.3
  • OWASP agentic: ASI01, ASI06
  • OWASP LLM: LLM07:2025, LLM01:2025
  • EU AI Act: Art. 15(5)
  • DASF: Model Serving 9.1, Agents-MCP Server 13.16
  • AIUC-1: B001, B009