๐Ÿ›ก๏ธ NAIL Institute โ€” AVE Database

โ† Back to Database

Tool Response Spoofing

🟠 HIGH environmental_manipulation proven AVE-2025-0075

· aka: Tool MITM

Summary

Attacker intercepts and modifies tool API responses before they reach the agent, feeding it false data.

Blast Radius

Agent decisions based on attacker-controlled data.

Prerequisites

Agent calling external APIs without response integrity verification.

Environment

  • Frameworks: LangGraph, CrewAI
  • Models tested: [Available in NAIL SDK]
  • Multi-agent: No
  • Tools required: Yes
  • Memory required: No

Related