AGENTFORCE-12.1: Latent Memory Poisoning in Prompt Template
🚨 Critical · Einstein Copilot Studio Configuration
Detects GenAiPromptTemplates that use Conversation Memory ({!Conversation.*}) and ground from Apex data providers that lack input sanitisation. Unsanitised data stored in conversation memory can activate as a latent poisoning trigger when retrieved in a future conversational context (ref: SSRN-6372438 'Latent Memory Poisoning').
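As an added illustration of the two conditions this rule combines (not SquireX's own detector), the following Python sketch flags a template only when it both reads conversation memory and grounds from an Apex provider that shows no sanitisation. The provider class names, the sanitiser markers, and the sample template and Apex sources are all constructed assumptions; a real scan would take the provider list from the template's metadata.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

RULE_ID = "AGENTFORCE-12.1"
SEVERITY = "Critical"

# Merge fields that read from conversation memory, as named in the rule text.
CONVERSATION_MEMORY_RE = re.compile(r"\{!Conversation\.[A-Za-z0-9_.]+\}")

# Heuristic markers of input sanitisation in Apex source. Assumption: a team
# would extend this with the names of its own sanitiser helpers.
SANITISER_MARKERS = ("escapeSingleQuotes(", ".escapeHtml4(", "sanitise(", "sanitize(")


@dataclass
class Finding:
    template: str
    memory_fields: List[str]
    unsanitised_providers: List[str]
    rule_id: str = RULE_ID
    severity: str = SEVERITY


def apex_sanitises_input(apex_source: str) -> bool:
    """Crude check: does the provider apply any known sanitiser to its data?"""
    return any(marker in apex_source for marker in SANITISER_MARKERS)


def check_template(name: str, content: str, providers: Dict[str, str]) -> Optional[Finding]:
    """providers maps each Apex data provider class the template grounds from
    (taken from its metadata) to that class's source. Returns a Finding when
    the template uses conversation memory AND any provider lacks sanitisation."""
    memory_fields = CONVERSATION_MEMORY_RE.findall(content)
    if not memory_fields:
        return None  # no conversation memory in play, so no latent trigger path
    unsanitised = [cls for cls, src in providers.items() if not apex_sanitises_input(src)]
    return Finding(name, memory_fields, unsanitised) if unsanitised else None


# Constructed sample inputs: one template, one unsafe and one safe Apex provider.
SAMPLE_TEMPLATE = "Answer using earlier context {!Conversation.Summary} and the case notes below."
UNSAFE_APEX = """public class CaseNotesProvider {
    // Constructed: copies free-text case notes straight into the prompt.
    r.Prompt = c.Description;
}"""
SAFE_APEX = """public class SafeCaseNotesProvider {
    // Constructed: escapes the notes before they are grounded into the prompt.
    r.Prompt = String.escapeSingleQuotes(c.Description);
}"""
```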
Details
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-12.1 |
| Severity | Critical |
| Category | Einstein Copilot Studio Configuration |
| Compliance | EU_AI_ACT_HIGH_RISK, NIST_AI_RMF |
Remediation
Refer to the SquireX documentation for remediation guidance specific to AGENTFORCE-12.1.