AGENTFORCE-TS-03: Zero-Width Unicode Injection
๐ด High ยท Supply Chain: ToxicSkills
Detects zero-width Unicode characters (U+200B, U+200C, U+200D, U+FEFF) in markdown skill files. These characters are invisible in rendered views but present in the raw text that LLMs process, enabling hidden instruction injection.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-TS-03 |
| Severity | High |
| Category | Supply Chain: ToxicSkills |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to AGENTFORCE-TS-03.