Join us for the GenAI Security Project’s – Agentic AI Security Summit, Europe Dec 10 London

|

REGISTER NOW !
  • GEN AI SECURITY
  • resources
  • Code Samples

Insecure Agent Samples

  • April 1, 2025

About

GenAI Project – Agentic Security Initiative (ASI) – Insecure Agent Samples

 

Warning

 

The sample applications here are deliberately insecure to demonstrate Agent security risks. Please exercise caution when deploying in your environment.

Objective

 

We aim to demonstrate security risks in well-known Agentic AI (also known as Agents) frameworks, particularly how Agent misconfigurations (i.e., insecure code, framework-specific misconfigurations) can lead to vulnerabilities identified in the OWASP Top 10 for Gen AI and Large Language Model Applications 2025.

This repository contains examples of insecure code and/or security misconfigurations in common Agent frameworks such as:

  1. LangChain
  2. LangGraph
  3. CrewAI
  4. AutoGen
  5. OpenAI Swarm (Experimental)
  6. Amazon Bedrock Agents

More Agent frameworks will be supported in the future.

Download

Additional Resources

OWASP Top 10 for Agentic Applications for 2026

OWASP GenAI Security Project – Solutions Reference Guide Q2_Q3’25

CheatSheet – A Practical Guide for Securely Using Third-Party MCP Servers 1.0
OWASP and the OWASP logo are trademarks of the OWASP Foundation, Inc. Unless otherwise specified, all content on the site is Creative Commons Attribution-ShareAlike v4.0 and provided without

warranty of service or accuracy. For more information, please refer to our General Disclaimer.  – Copyright © 2025 OWASP Foundation, Inc.

Scroll to Top