AgentSkillsCN

agentic-vulnerabilities

OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems.

SKILL.md
---
name: agentic-vulnerabilities
description: OWASP Agentic Security Top 10 vulnerability knowledge base for identifying, assessing, and remediating security risks in AI agent systems.
license: MIT
metadata:
  authors: "OWASP Agentic Security Initiative"
  spec_version: "1.0"
  framework_revision: "1.0.0"
  last_updated: "2026-02-13"
  skill_based_on: "https://github.com/chris-buckley/agnostic-prompt-standard"
  content_based_on: "https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/"
---

Agentic Vulnerabilities — Skill Entry

This SKILL.md is the entrypoint for the Agentic Vulnerabilities skill.

The skill encodes the OWASP Top 10 for Agentic Applications (2026) as structured, machine-readable references that an agent can query to identify, assess, and remediate security risks in AI agent systems.

Normative references (Agentic Top 10, numbered as in the OWASP list; 00 is the index, not a category)

  • 00 Vulnerability Index
  • 01 Agent Goal Hijack
  • 02 Tool Misuse and Exploitation
  • 03 Identity and Privilege Abuse
  • 04 Agentic Supply Chain Vulnerabilities
  • 05 Unexpected Code Execution
  • 06 Memory and Context Poisoning
  • 07 Insecure Inter-Agent Communication
  • 08 Cascading Failures
  • 09 Human-Agent Trust Exploitation
  • 10 Rogue Agents

Skill layout

  • SKILL.md — this file (skill entrypoint).
  • references/ — the Agentic Top 10 normative documents.
    • 00-vulnerability-index.md — master index of all vulnerability identifiers, categories, and cross-references.
    • 01 through 10 — one document per vulnerability aligned with OWASP Agentic Security numbering.
  • assets/ — reusable format and constants blocks.
    • constants/ — vulnerability catalog and category definitions.
      • constants-agentic-catalog-v1.0.0.md
    • formats/ — output contract examples.
      • format-vulnerability-assessment-v1.0.0.md
      • format-remediation-checklist-v1.0.0.md
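A skill package like this one is itself a supply-chain artifact that an agent host loads and trusts (see 04 Agentic Supply Chain Vulnerabilities above), so it is worth checking that what is on disk matches the layout and frontmatter this entry describes before the agent starts querying it. The following is an added example written for this page; it is not code from AgentSkillsCN or from the OWASP skill. It assumes the frontmatter fields and the references/ and assets/ layout listed above, assumes the 01 through 10 documents follow the `NN-slug.md` naming of `00-vulnerability-index.md` (the slugs are made up from the vulnerability titles), and models the package as a dict of relative path to file text so it runs offline on a constructed sample.

```python
"""Consistency checks for an agentic-vulnerabilities skill package (added example
for this page, not code from AgentSkillsCN or the OWASP skill). It assumes the
SKILL.md frontmatter and the references/ and assets/ layout described above and
models the package as a dict {relative_path: text} so it runs offline."""
import re
from typing import Dict, List

REQUIRED_TOP = ("name", "description", "license")
REQUIRED_META = ("authors", "spec_version", "framework_revision", "last_updated")
VERSION_SUFFIX = re.compile(r"-v(\d+\.\d+\.\d+)\.md$")


def parse_frontmatter(text: str) -> dict:
    """Parse the YAML subset SKILL.md uses: `key: value` lines plus one level of
    indented keys under a mapping such as `metadata:`."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---" or "---" not in lines[1:]:
        raise ValueError("SKILL.md has no complete frontmatter block")
    data, parent = {}, None
    for raw in lines[1:lines.index("---", 1)]:
        if not raw.strip():
            continue
        key, _, value = raw.partition(":")  # split at the first colon only
        key, value = key.strip(), value.strip().strip('"')
        if raw.startswith(" "):  # nested key under the last opened mapping
            if parent is None:
                raise ValueError(f"indented key without a parent: {raw!r}")
            data[parent][key] = value
        elif value == "":  # e.g. `metadata:` opens a mapping
            parent, data[key] = key, {}
        else:
            data[key] = value
    return data


def check_skill_package(files: Dict[str, str]) -> List[str]:
    """Return the problems found; an empty list means the package is consistent."""
    if "SKILL.md" not in files:
        return ["SKILL.md is missing"]
    try:
        fm = parse_frontmatter(files["SKILL.md"])
    except ValueError as exc:
        return [f"frontmatter: {exc}"]
    meta = fm.get("metadata") if isinstance(fm.get("metadata"), dict) else {}
    problems = [f"frontmatter: missing '{k}'" for k in REQUIRED_TOP if not fm.get(k)]
    problems += [f"frontmatter: missing 'metadata.{k}'" for k in REQUIRED_META if not meta.get(k)]
    # references/: the index, exactly one document per vulnerability 01..10, and
    # nothing else (an extra numbered file would be an injected document).
    refs = [p for p in files if p.startswith("references/") and p.endswith(".md")]
    if "references/00-vulnerability-index.md" not in files:
        problems.append("references: 00-vulnerability-index.md is missing")
    for n in range(1, 11):
        hits = [p for p in refs if p.startswith(f"references/{n:02d}-")]
        if len(hits) != 1:
            problems.append(f"references: expected one document numbered {n:02d}, found {len(hits)}")
    for p in refs:
        if not re.fullmatch(r"references/(0\d|10)-.*\.md", p):
            problems.append(f"references: unexpected document {p}")
    # assets/: every file carries a -vX.Y.Z suffix that must equal framework_revision.
    rev = meta.get("framework_revision")
    for p in (p for p in files if p.startswith("assets/")):
        m = VERSION_SUFFIX.search(p)
        if not m:
            problems.append(f"assets: {p} has no -vX.Y.Z suffix")
        elif rev and m.group(1) != rev:
            problems.append(f"assets: {p} is v{m.group(1)} but framework_revision is {rev}")
    return problems


# Constructed sample mirroring the layout on this page; the slugs for 01..10 are
# assumed from the vulnerability titles (only 00's filename is given above).
SKILL_MD = """---
name: agentic-vulnerabilities
description: OWASP Agentic Security Top 10 vulnerability knowledge base.
license: MIT
metadata:
  authors: "OWASP Agentic Security Initiative"
  spec_version: "1.0"
  framework_revision: "1.0.0"
  last_updated: "2026-02-13"
---
"""
SLUGS = ["agent-goal-hijack", "tool-misuse-and-exploitation", "identity-and-privilege-abuse",
         "agentic-supply-chain-vulnerabilities", "unexpected-code-execution",
         "memory-and-context-poisoning", "insecure-inter-agent-communication",
         "cascading-failures", "human-agent-trust-exploitation", "rogue-agents"]


def sample_package() -> Dict[str, str]:
    files = {"SKILL.md": SKILL_MD, "references/00-vulnerability-index.md": "index\n"}
    files.update({f"references/{n:02d}-{s}.md": f"{n:02d} {s}\n" for n, s in enumerate(SLUGS, 1)})
    files.update({f"assets/{p}-v1.0.0.md": "placeholder\n" for p in (
        "constants/constants-agentic-catalog", "formats/format-vulnerability-assessment",
        "formats/format-remediation-checklist")})
    return files


def tampered_package() -> Dict[str, str]:
    # Same package with one document dropped, one injected and one asset drifted.
    files = sample_package()
    del files["references/07-insecure-inter-agent-communication.md"]
    files["references/11-bonus-tool.md"] = "injected\n"
    files["assets/formats/format-remediation-checklist-v1.1.0.md"] = files.pop(
        "assets/formats/format-remediation-checklist-v1.0.0.md")
    return files
```

`check_skill_package(sample_package())` returns an empty list, while the tampered variant reports the missing 07 document, the injected `11-bonus-tool.md`, and the remediation checklist whose `-v1.1.0` suffix no longer matches the pinned `framework_revision`. On a real checkout you would build the dict from the directory (for instance by walking it with `pathlib`) and refuse to load the skill when the list is non-empty; pinning the asset versions to the frontmatter is what stops a silently swapped format or catalog file from changing the output contract the agent relies on.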