ai-agent-safety-and-red-team

Installation
SKILL.md

AI Agent Safety and Red-Team

Acknowledgement: Shared by Peter Bamuhigire, techguypeter.com, +256 784 464178.

Use When

  • Hardening an agent against indirect prompt injection — instructions embedded in the data the agent reads (KB chunk, web page, tool response, email body the agent summarises).
  • Defending against action escalation — agent chains a benign read tool with a high-privilege write tool to do something the user didn't authorise.
  • Defending against tenant data exfiltration — agent extracts tenant data and embeds it in a tool call argument that exits the boundary (webhook URL, email recipient, log message).
  • Defending against recursive self-modification — agent updates its own prompt, memory, or tool registry.
  • Standing up a red-team CI suite that fires nightly and on every prompt / tool / runtime change.

Do Not Use When

  • The task is direct prompt injection in single-shot features — ai-prompt-injection-and-tenant-safety.
  • The task is generic AI security checklist — ai-security.
  • The task is platform-wide security review — vibe-security-skill.
  • The task is the tool registry / classification — ai-agent-tool-catalogue-and-action-gating.
Installs
6
GitHub Stars
21
First Seen
May 14, 2026
ai-agent-safety-and-red-team — peterbamuhigire/skills-web-dev