Technical description
Adversa AI's April 2026 agentic AI security research reveals that, of 30 audited AI agent frameworks, 93% rely on unscoped API keys, 0% implement per-agent identity, and 97% lack user consent mechanisms. Additionally, memory poisoning attacks against LLM agents achieve 90%+ success rates against major models, including GPT-5 mini and Claude Sonnet 4.5.
Attack vector
Attackers exploit the lack of per-agent identity and the use of unscoped API keys to escalate privileges across agent frameworks. Memory poisoning involves injecting malicious entries into an agent's persistent memory so that they hijack future workflows when the memory is read back. The TrinityGuard evaluation framework found only a 7.1% average safety pass rate across multi-agent systems.
Affected systems
30 major AI agent frameworks evaluated. Specific models tested for memory poisoning include GPT-5 mini and Claude Sonnet 4.5. Multi-agent orchestration platforms using AG2/AutoGen are also affected.
Mitigation
Implement per-agent identity and scoped API keys in all agent frameworks. Deploy memory integrity checks and input validation for agent memory stores. Evaluate your agent deployments using the open-sourced TrinityGuard framework with AG2/AutoGen integration.
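As an added illustration of the memory integrity checks and per-agent identity recommended above (example code written for this page, not from Adversa AI, TrinityGuard or any agent framework), the following Python memory store signs every entry with a key scoped to one agent, rejects entries that fail verification or belong to another agent, and refuses to replay tool- or web-sourced text as instruction-bearing memory. The agent names, keys, source labels and trusted-source set are constructed assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed per-agent signing keys for the demo; a real deployment would pull
# them from a secrets manager, one key scoped to exactly one agent identity.
AGENT_KEYS = {"planner": b"planner-demo-key", "browser": b"browser-demo-key"}
# Only these sources may contribute instruction-bearing memory to an agent.
TRUSTED_SOURCES = {"user", "developer"}


@dataclass(frozen=True)
class MemoryEntry:
    agent_id: str  # identity of the agent that owns this memory
    source: str    # origin of the text: "user", "developer", "tool", "web"
    content: str
    mac: str       # HMAC-SHA256 over the three fields above, keyed per agent


def _mac(key: bytes, agent_id: str, source: str, content: str) -> str:
    # Canonical JSON encoding so field boundaries are unambiguous under the MAC.
    msg = json.dumps([agent_id, source, content], separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def write_entry(agent_id: str, source: str, content: str) -> MemoryEntry:
    key = AGENT_KEYS[agent_id]  # KeyError: an agent without identity cannot write
    return MemoryEntry(agent_id, source, content, _mac(key, agent_id, source, content))


def verify_entry(entry: MemoryEntry) -> bool:
    key = AGENT_KEYS.get(entry.agent_id)
    if key is None:
        return False
    expected = _mac(key, entry.agent_id, entry.source, entry.content)
    return hmac.compare_digest(expected, entry.mac)


def load_trusted_memory(agent_id: str, store: list) -> list:
    """Return contents an agent may act on: entries that verify under its own key,
    belong to it, and came from a trusted source. Tampered, cross-agent or
    tool/web-sourced entries are dropped instead of being replayed as instructions."""
    accepted = []
    for e in store:
        if e.agent_id != agent_id or not verify_entry(e):
            continue
        if e.source not in TRUSTED_SOURCES:
            continue
        accepted.append(e.content)
    return accepted
```

Entries written under one agent's key never verify for another agent, so a poisoned entry cannot be transplanted between agents, and an edited entry fails the MAC check before it reaches the model.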