6.8 Agent Security and Safety¶
Role at Stage 6: AI Agents¶
Defend against prompt injection, tool abuse, secret leaks, and excessive agency. This part is one capability inside the stage. It should leave behind an artifact, measurements, and a short explanation of failure modes.
Explanation¶
This part has 3 sub-parts because the topic needs that many learning units to feel natural. Some stages have more parts and some have fewer; the structure follows the topic, not a fixed template.
Part Diagram¶
%%{init: {"flowchart": {"htmlLabels": true, "nodeSpacing": 80, "rankSpacing": 110}, "themeVariables": {"fontSize": "18px"}} }%%
flowchart LR
P["<b>6.8</b><br/>Agent Security and<br/>Safety"]
P --> S1["<b>6.8.1</b><br/>Prompt Injection<br/>Against Agents"]
P --> S2["<b>6.8.2</b><br/>Least Privilege Tool<br/>Access"]
P --> S3["<b>6.8.3</b><br/>Secret Handling and<br/>Sandboxing"]
P --> E["<b>Exam</b><br/>Part practice"]
Sub-Parts¶
| Sub-part folder | What it explains |
|---|---|
| 6.8.1 Prompt Injection Against Agents | Prompt Injection Against Agents is the working skill inside Agent Security and Safety that helps you build the stage artifact, A tool-using agent with typed tools, memory, traces, task evals, prompt-injection tests, and an architecture README, while collecting enough evidence to trust the result. |
| 6.8.2 Least Privilege Tool Access | Least Privilege Tool Access is the working skill inside Agent Security and Safety that helps you build the stage artifact, A tool-using agent with typed tools, memory, traces, task evals, prompt-injection tests, and an architecture README, while collecting enough evidence to trust the result. |
| 6.8.3 Secret Handling and Sandboxing | Secret Handling and Sandboxing is the working skill inside Agent Security and Safety that helps you build the stage artifact, A tool-using agent with typed tools, memory, traces, task evals, prompt-injection tests, and an architecture README, while collecting enough evidence to trust the result. |
What a Person Who Masters This Part Can Do¶
- Explain how Agent Security and Safety supports a tool-using agent with typed tools, memory, traces, task evals, prompt-injection tests, and an architecture readme..
- Build and inspect this artifact: Red-team the agent and add mitigations.
- Measure progress with: Track attack success before and after mitigation.
- Debug at least one failure mode before moving to the next part.
Build and Measure¶
Build: Red-team the agent and add mitigations.
Measure: Track attack success before and after mitigation.
Tests¶
Take one 30-question exam after studying this part. It opens in a new browser tab so the study page stays available.
Back to Stage¶
Return to Stage 6: AI Agents.