AGENTFORCE-22.1: Unsafe Autonomous HTTP Callouts
🚨 Critical · SSRF
Detects Apex classes invoked by agent actions that make HTTP callouts to dynamically constructed endpoints without Named Credential enforcement. This enables SSRF: a prompt injection attack can redirect the agent's HTTP callout to an attacker-controlled server or internal network resource.
Details
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-22.1 |
| Severity | Critical |
| Category | SSRF |
| Compliance | SOC2_CC7, OWASP_MCP_TOP_10 |
Remediation
Refer to the SquireX documentation for remediation guidance specific to AGENTFORCE-22.1.
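
The callout pattern this rule describes, next to a variant that pins the host through a Named Credential, as an added example (not SquireX's or Salesforce's own code). The class name, method names and the Named Credential `Order_API` are hypothetical.

```apex
// Added illustration. OrderStatusAction and the Named Credential
// "Order_API" are hypothetical names, not taken from the rule page.
public with sharing class OrderStatusAction {

    public class Request {
        @InvocableVariable(required=true)
        public String orderId;   // filled in by the agent from the conversation
    }

    // FLAGGED pattern: the endpoint is concatenated from caller-supplied input,
    // so text injected into the agent's context decides where the request goes.
    public static HttpResponse unsafeCallout(String serviceUrl, String orderId) {
        HttpRequest req = new HttpRequest();
        req.setEndpoint(serviceUrl + '/orders/' + orderId);
        req.setMethod('GET');
        return new Http().send(req);
    }

    // Hardened pattern: scheme, host and credentials come from the Named
    // Credential configured by an admin; agent input only fills a validated,
    // URL-encoded path segment.
    @InvocableMethod(label='Get Order Status')
    public static List<String> getStatus(List<Request> requests) {
        Pattern idFormat = Pattern.compile('^[A-Za-z0-9]{1,18}$');
        List<String> results = new List<String>();
        for (Request r : requests) {
            // Reject anything that could alter the path, query or authority.
            if (r.orderId == null || !idFormat.matcher(r.orderId).matches()) {
                results.add('Rejected: invalid order id');
                continue;
            }
            HttpRequest req = new HttpRequest();
            req.setEndpoint('callout:Order_API/orders/'
                + EncodingUtil.urlEncode(r.orderId, 'UTF-8'));
            req.setMethod('GET');
            req.setTimeout(10000);
            HttpResponse res = new Http().send(req);
            results.add(res.getStatusCode() == 200 ? res.getBody() : 'Lookup failed');
        }
        return results;
    }
}
```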