Add OWASP Agent Memory Guard to Securing LLMs section#134
Conversation
|
@mlabonne Hi! I'd love to get a quick review on this PR when you have a moment 🙏 This adds OWASP Agent Memory Guard to the Securing LLMs section — an official OWASP reference implementation for ASI06 (Memory Poisoning) from the OWASP Top 10 for Agentic Applications 2025. It fills a gap in the current section which covers prompt injection and red teaming but not agentic memory threats. Already merged into aishwaryanr/awesome-generative-ai-guide (27k ⭐) and actively discussed by LangGraph, LiteLLM, AutoGen, and Flowise maintainers. Happy to adjust the wording or placement to fit your style guide! |
|
Hi @mlabonne — following up on this PR with a quick update that might be useful context. Since filing, OWASP Agent Memory Guard has gained strong traction:
This fits directly in the Securing LLMs section of your course — it's an OWASP-official tool addressing ASI06 (Memory Poisoning), one of the top threats in the OWASP Top 10 for Agentic Applications 2025. Your course is the go-to LLM learning resource, and adding this would give learners a concrete security tool to reference. Happy to make any changes. Would love to get this merged! 🙏 |
|
Hi @mlabonne — another gentle ping! Since my last comment, AMG has gained significant traction: 887 clones in a single day, a published DEV.to article series (4 posts), and active discussion in the anthropics/claude-code and microsoft/autogen issue trackers. The llm-course Securing LLMs section is exactly where practitioners look for this kind of tool — would love to get it in front of your audience. No conflicts, ready to merge. Happy to adjust placement or wording to match your style! 🙏 |
|
Hi @mlabonne — just a friendly ping. AMG has continued to gain traction since my last comment (now 4.6K+ PyPI downloads, merged into UK AISI inspect_evals, featured in Help Net Security). This adds it to the Securing LLMs section as a practical runtime defense. Would love to get this merged when you have a moment! |
|
Hi @mlabonne — friendly follow-up. Agent Memory Guard is now at 5,400+ PyPI downloads, adopted by the UK AI Safety Institute (merged into inspect_evals), and is an official OWASP Incubator project. It addresses a real gap in the 'Securing LLMs' section — memory poisoning defense. Would love to get this in front of your community! |
|
Hi @mlabonne — friendly follow-up on this PR. OWASP Agent Memory Guard is now the reference implementation for ASI06 (Memory Poisoning) with 6K+ downloads, UK AI Safety Institute adoption, and integrations with LangChain, CrewAI, and LangGraph. It fits naturally in the security/safety section of the course. Would appreciate a review when you have a moment. Happy to adjust the entry to match your preferred format. |
Summary
This PR adds OWASP Agent Memory Guard to the
### 8. Securing LLMssection of the roadmap.What it is: An official OWASP reference implementation addressing ASI06 (Memory Poisoning) from the OWASP Top 10 for Agentic Applications 2025. It provides a scan-before-write pattern for AI agent memory — a critical security gap not covered by existing resources in this section.
Why it belongs here: The existing section covers prompt injection, backdoors, and red teaming, but doesn't address the emerging threat of memory poisoning in agentic AI systems. As LLM engineers increasingly build multi-step agents, this is a critical gap.
Install:
pip install agent-memory-guardRepo: https://github.com/OWASP/www-project-agent-memory-guard
Already merged into aishwaryanr/awesome-generative-ai-guide (27k ⭐) and being discussed by maintainers of LangGraph, LiteLLM, AutoGen, and Flowise.