You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Important: The sample code provided is for demonstration purposes and illustrates the mechanics of the Agent-to-Agent (A2A) protocol. When building production applications, it is critical to treat any agent operating outside of your direct control as a potentially untrusted entity.
61
-
62
-
All data received from an external agent—including but not limited to its AgentCard, messages, artifacts, and task statuses—should be handled as untrusted input. For example, a malicious agent could provide an AgentCard containing crafted data in its fields (e.g., description, name, skills.description). If this data is used without sanitization to construct prompts for a Large Language Model (LLM), it could expose your application to prompt injection attacks. Failure to properly validate and sanitize this data before use can introduce security vulnerabilities into your application.
63
-
64
-
Developers are responsible for implementing appropriate security measures, such as input validation and secure handling of credentials to protect their systems and users.
60
+
Important: The sample code provided is for demonstration purposes
61
+
and illustrates the mechanics of the Agent-to-Agent (A2A) protocol.
62
+
When building production applications, it is critical to treat any agent
63
+
operating outside of your direct control as a potentially untrusted entity.
64
+
65
+
All data received from an external agent—including but not limited to its AgentCard,
66
+
messages, artifacts, and task statuses—should be handled as untrusted input.
67
+
For example, a malicious agent could provide an AgentCard containing crafted data
68
+
in its fields (e.g., description, name, skills.description). If this data is used
69
+
without sanitization to construct prompts for a Large Language Model (LLM),
70
+
it could expose your application to prompt injection attacks. Failure to properly
71
+
validate and sanitize this data before use can introduce security vulnerabilities
72
+
into your application.
73
+
74
+
Developers are responsible for implementing appropriate security measures,
75
+
such as input validation and secure handling of credentials to protect their systems and users.
0 commit comments