🛡️ NAIL Institute — AVE Database

← Back to Database

Tool Output Injection

🔴 CRITICAL tool proven AVE-2025-0095

· aka: Tool-Mediated Injection

Summary

Malicious content in tool output is interpreted by the agent as new instructions, creating an indirect injection vector.

Blast Radius

Any tool returning external content becomes an injection vector.

Prerequisites

Agent that processes tool outputs without sanitisation.

Environment

Frameworks: LangGraph, CrewAI, AutoGen
Models tested: [Available in NAIL SDK]
Multi-agent: No
Tools required: Yes
Memory required: No

Related