Skills
OWASP Launches Agentic Skills Top 10: First Formal Security Taxonomy for AI Agent Skill Ecosystems
The OWASP Foundation has launched the Agentic Skills Top 10 project, creating the first formal security taxonomy specifically for AI agent skill ecosystems. This parallels OWASP's established Web Application Top 10 but targets the unique attack surfaces of agentic AI: skill poisoning, prompt injection in skill definitions, toxic flows (private data + untrusted instructions + external communication), and supply chain compromise through skill registries. The project provides a standardized framework for security teams evaluating and auditing agent skills before deployment.
↳ Follow the thread