multi_agent

package
v0.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 18, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package multi_agent implements attacks targeting LLM-controlling-LLM architectures where orchestrator agents delegate tasks to sub-agents with varying privilege levels.

These attacks exploit trust boundaries, delegation chains, and communication channels in frameworks like OpenClaw, CrewAI, LangGraph, and AutoGen.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DelegationEscalationModule

type DelegationEscalationModule struct{}

DelegationEscalationModule exploits trust boundaries between orchestrator and sub-agents. A low-privilege agent receives a malformed request that tricks a higher-privilege agent into unauthorized actions.

Source: ScienceDirect - Protocol Exploits (https://www.sciencedirect.com/science/article/pii/S2405959525001997) Real-world: ServiceNow AI assistant privilege bypass via delegation

func (*DelegationEscalationModule) Category

func (*DelegationEscalationModule) Description

func (m *DelegationEscalationModule) Description() string

func (*DelegationEscalationModule) Execute

func (*DelegationEscalationModule) Name

func (*DelegationEscalationModule) Techniques

type RecursiveSpawnAbuseModule

type RecursiveSpawnAbuseModule struct{}

RecursiveSpawnAbuseModule exploits recursive sub-agent spawning to cause resource exhaustion. Inspired by the LangGraph incident that burned $38K in 4 hours via uncontrolled recursive spawning.

Source: Multi-Agent Security Survey (https://arxiv.org/html/2510.23883v1) Real-world: LangGraph $38K incident via recursive sub-agent spawning

func (*RecursiveSpawnAbuseModule) Category

func (*RecursiveSpawnAbuseModule) Description

func (m *RecursiveSpawnAbuseModule) Description() string

func (*RecursiveSpawnAbuseModule) Execute

func (*RecursiveSpawnAbuseModule) Name

func (*RecursiveSpawnAbuseModule) Techniques

type ToxicAgentFlowModule

type ToxicAgentFlowModule struct{}

ToxicAgentFlowModule chains prompt injections across agent communication channels. Poisoned output from one agent becomes trusted input for the next.

Source: arXiv 2506.23260 (https://arxiv.org/abs/2506.23260) Real-world: "Toxic Agent Flow" exploit in GitHub MCP servers

func (*ToxicAgentFlowModule) Category

func (*ToxicAgentFlowModule) Description

func (m *ToxicAgentFlowModule) Description() string

func (*ToxicAgentFlowModule) Execute

func (*ToxicAgentFlowModule) Name

func (m *ToxicAgentFlowModule) Name() string

func (*ToxicAgentFlowModule) Techniques

func (m *ToxicAgentFlowModule) Techniques() []common.TechniqueInfo

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL