Showing top 4 results for "supply chain risk"

Filtered by topic: NVIDIA

People also ask

What are the implications and risks for agent-assisted development?

This attack path highlights important considerations for the future of agent-assisted development. Extended supply chain risk: Traditional supply chain attacks focus on injecting malicious code directly. In agentic environments, a compromised dependency can also redirect the agent itself, extending familiar supply chain risks into a new dimension, such as injecting subtle delays that cause performance degradation or denial-of-service scenarios. Instruction following under adversarial conditions: When the agent followed injected configuration directives, including instructions to conceal its

Mitigating Indirect AGENTS.md Injection Attacks in Agentic Environments | NVIDIA Technical Blog
How does scanning help mitigate risk before skill publication?

Before a verified skill reaches the NVIDIA Skills catalog, NVIDIA runs it through SkillSpector as part of the publication validation pipeline. This approach treats the skill as a deployable agent capability rather than as a static prompt. SkillSpector checks conventional software risks such as vulnerable dependencies, suspicious scripts, dangerous code patterns, credential access, and data exfiltration paths. SkillSpector also checks agent-specific risks, such as hidden instructions, prompt injection, trigger abuse, excessive agency, tool poisoning, and mismatches between a skill’s declared p

NVIDIA-Verified Agent Skills Provide Capability Governance for AI Agents | NVIDIA Technical Blog