Anti-Patterns

Insecure Inter-Agent Channel

Anti-pattern: pass messages between agents on shared transports without authenticating the sending agent, the message content, or the sequence.

Problem

An attacker with channel access (compromised peer, network position, replay window) can spoof messages from one agent to another, replay old messages, or forge inter-agent commands. The downstream agent acts on the message as if it came from a trusted peer. Even benign-looking transport-layer encryption does not solve this: TLS authenticates the connection, not the semantic content.

Solution

Don't trust transport security as message authentication. Sign messages at the agent-identity layer with per-agent keys. Include nonce and timestamp to defeat replay. Validate sender identity on receive. Apply rate-limiting and anomaly detection on inter-agent message volume.
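
The signing and receive-side checks described above, as an added example that is not part of the original pattern page. It uses HMAC-SHA256 over a constructed per-agent key table as a stand-in for agent-identity signatures (with a MAC the receiver also holds the sender's key, so an asymmetric scheme such as Ed25519 is the stronger choice). AGENT_KEYS, MAX_SKEW, sign_message and Receiver are assumed names, and the recipient binding goes slightly beyond the text.

```python
import hashlib, hmac, json, os, time

# Constructed demo keys; a real deployment provisions one key per agent identity.
AGENT_KEYS = {"planner": b"k1-constructed-demo-key",
              "executor": b"k2-constructed-demo-key"}
MAX_SKEW = 30  # seconds; assumed freshness window

def _mac(key, envelope):
    # Canonical JSON so sender and receiver authenticate identical bytes.
    data = json.dumps(envelope, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def sign_message(sender, recipient, body, now=None):
    env = {"from": sender, "to": recipient, "body": body,
           "nonce": os.urandom(16).hex(),
           "ts": int(time.time() if now is None else now)}
    return {**env, "mac": _mac(AGENT_KEYS[sender], env)}

class Receiver:
    def __init__(self, name):
        self.name = name
        self.seen = {}  # nonce -> timestamp, kept only for the freshness window

    def verify(self, msg, now=None):
        now = time.time() if now is None else now
        env = {k: v for k, v in msg.items() if k != "mac"}
        key = AGENT_KEYS.get(env.get("from"))
        if key is None:
            return "unknown-sender"
        # Constant-time comparison; covers sender, recipient, body, nonce and ts.
        if not hmac.compare_digest(_mac(key, env), str(msg.get("mac", ""))):
            return "bad-mac"
        if env.get("to") != self.name:
            return "wrong-recipient"
        if abs(now - env["ts"]) > MAX_SKEW:
            return "stale"
        # Forget nonces that can no longer pass the freshness check, then
        # reject any nonce already seen inside the window.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW}
        if env["nonce"] in self.seen:
            return "replay"
        self.seen[env["nonce"]] = env["ts"]
        return "ok"
```

The timestamp bounds how long nonces must be remembered; without it the replay cache would have to grow without limit.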

When to use

  • Never. Cite when reviewing A2A or multi-agent message-bus design.
  • Sign messages with agent-identity keys; include nonce + timestamp.
  • Validate sender identity on every receive.
