AGENTFORCE-34.1: Agent-to-UI XSS (Component Injection Graph)
๐จ Critical ยท Graph: Component Injection
[Enterprise] Performs 4-hop graph traversal proving an LLM-generated string travels from agent output through a Flow screen variable into an LWC component that renders it via unsafe innerHTML or lwc:inner-html without sanitization. Supersedes rule 21.2 when both fire on the same flow.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-34.1 |
| Severity | Critical |
| Category | Graph: Component Injection |
| Compliance | EU_AI_ACT_HIGH_RISK, SOC2_CC7 |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to AGENTFORCE-34.1.