Agent Security
Roles: prompt-injection, tool-poisoning, memory-poisoning, exfiltration, trust-boundary, sandbox
The security concerns specific to AI agents that operate with tool access, persistent memory, and the ability to take actions in the world. Agent security extends classical application security with new attack surfaces: prompt injection manipulates the agent’s reasoning, tool poisoning corrupts its capabilities, and memory poisoning alters its persistent state. The domain inherits vocabulary from both traditional security (sandboxes, trust boundaries) and medicine (injection, poisoning), reflecting the hybrid nature of threats that target the agent’s cognition rather than code execution.
Applied To This Frame (3)
- authority-and-delegation → Confused Deputy
- fire-safety → Lethal Trifecta
- medicine → Prompt Injection