Feature: OWASP ASI06 memory poisoning detection events in AgentOps

[vgudur-dev]

Summary

AgentOps provides monitoring and observability for AI agents. As memory-enabled agents become more common, memory poisoning (OWASP ASI06) is a critical security event class that should be tracked, alerted on, and audited — a natural fit for AgentOps.

The Problem

Memory poisoning attacks inject malicious content into an agent's persistent memory, causing adversarial behavior in future sessions. These attacks are:

• Silent (no immediate visible failure)
• Persistent (survive across sessions)
• Hard to detect without dedicated scanning

Proposed Integration

OWASP Agent Memory Guard provides ASI06 detection. Integrating with AgentOps:

import agentops
from agent_memory_guard import MemoryGuard

agentops.init()
guard = MemoryGuard()

@agentops.record_action("memory_write")
def safe_memory_write(content: str):
    result = guard.scan(content)
    
    if not result.is_safe:
        # Record security event in AgentOps
        agentops.record(agentops.ActionEvent(
            action_type="security_alert",
            params={"threat_type": result.threat_type, "content_hash": hash(content)},
            returns={"blocked": True}
        ))
        raise SecurityError(f"Memory poisoning blocked: {result.threat_type}")
    
    store_memory(content)

Request

1. Add security event types to AgentOps for memory poisoning / ASI06 events
2. Document OWASP Agent Memory Guard as a recommended companion for production agent monitoring
3. Consider a built-in memory safety score in AgentOps session analytics

PyPI: pip install agent-memory-guard
OWASP Project: https://github.com/OWASP/www-project-agent-memory-guard