Feature Request: OWASP Agent Memory Guard Integration
What is Agent Memory Guard?
OWASP Agent Memory Guard is the official OWASP reference implementation for ASI06 - Memory Poisoning from the OWASP Top 10 for Agentic Applications.
The Problem in Semantic Kernel
Semantic Kernel's memory connectors (volatile, Redis, Azure AI Search, etc.) are vulnerable to memory poisoning attacks. Malicious content stored in semantic memory can:
- Manipulate kernel function outputs
- Cause the planner to execute attacker-controlled steps
- Persist attack payloads across sessions
Integration Example (Python)
pip install agent-memory-guard
from semantic_kernel.memory import SemanticTextMemory
from agent_memory_guard import MemoryGuard
guard = MemoryGuard()
async def safe_save_information(memory: SemanticTextMemory, collection: str, text: str, **kwargs):
result = guard.scan_write(text)
if not result.is_safe:
raise ValueError(f"Memory poisoning blocked: {result.threat_type}")
await memory.save_information(collection=collection, text=text, **kwargs)Request
Would the SK team consider:
- Adding memory security guidance to the docs (OWASP ASI06)
- Referencing Agent Memory Guard as the recommended enforcement layer
Apache 2.0 licensed. Already integrated with LangChain via langchain-agent-memory-guard.
Feature Request: OWASP Agent Memory Guard Integration
What is Agent Memory Guard?
OWASP Agent Memory Guard is the official OWASP reference implementation for ASI06 - Memory Poisoning from the OWASP Top 10 for Agentic Applications.
The Problem in Semantic Kernel
Semantic Kernel's memory connectors (volatile, Redis, Azure AI Search, etc.) are vulnerable to memory poisoning attacks. Malicious content stored in semantic memory can:
Integration Example (Python)
Request
Would the SK team consider:
Apache 2.0 licensed. Already integrated with LangChain via
langchain-agent-memory-guard.