Problem
AutoGen agents with persistent memory and teachability are vulnerable to memory poisoning attacks — adversarial inputs stored in agent memory can cause agents to leak secrets, ignore instructions, or produce corrupted outputs in future conversations. OWASP identifies this as a top risk for LLM applications.
Proposed Solution
OWASP Agent Memory Guard (AMG) is an open-source Python library that wraps any memory store as a transparent security layer:
pip install agent-memory-guard- Scans every memory write for prompt injection, PII leakage, and tampering
- 92.5% detection rate on AgentThreatBench benchmark
- Works with any memory backend (vector stores, conversation history, teachability DB)
Links
Would the AutoGen team consider integrating AMG as a security layer for agent memory? Happy to contribute a PR.
Problem
AutoGen agents with persistent memory and teachability are vulnerable to memory poisoning attacks — adversarial inputs stored in agent memory can cause agents to leak secrets, ignore instructions, or produce corrupted outputs in future conversations. OWASP identifies this as a top risk for LLM applications.
Proposed Solution
OWASP Agent Memory Guard (AMG) is an open-source Python library that wraps any memory store as a transparent security layer:
pip install agent-memory-guardLinks
Would the AutoGen team consider integrating AMG as a security layer for agent memory? Happy to contribute a PR.