Skip to content

Add security side quest: Jailbreaking the Agent Brief#1144

Merged
pelikhan merged 3 commits into
mainfrom
copilot/security-side-quest-add-jailbreaking-agent-brief
Jul 15, 2026
Merged

Add security side quest: Jailbreaking the Agent Brief#1144
pelikhan merged 3 commits into
mainfrom
copilot/security-side-quest-add-jailbreaking-agent-brief

Conversation

Copilot AI commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Adds a new optional security side quest covering jailbreak attacks — where adversarial instructions embedded in repository content (issue bodies, PR descriptions, file text) attempt to wholesale override the agent's task brief rather than inject a single command.

New file: workshop/side-quest-10-02-jailbreak-brief.md

  • Distinguishes jailbreak from prompt injection: the goal is replacing the authoritative task brief, not slipping in a single directive
  • Shows two realistic attack patterns: aggressive [SYSTEM OVERRIDE] format and softer "Note for the AI agent" framing
  • Covers all four gh-aw defensive layers with hands-on exercises for each:
    • Compiled task brief — brief is loaded before any tool call results arrive; injected text in data competes with an already-established baseline
    • Minimal permissions: — caps what the token can authorize even after a partial jailbreak
    • safe-outputs — removes execution paths for undeclared write operations entirely (not just makes them harder to reach)
    • network.allowed-domains — blocks exfiltration to unlisted endpoints at the network layer

Modified: workshop/10-choose-your-scenario.md

Single-line [!TIP] callout added above 📚 See Also, linking to the new side quest.

Modified: workshop/README.md

New entry added to Optional Side Quests list, sequenced after side-quest-10-01-agent-brief.

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Add security side quest: Jailbreaking the Agent Brief Add security side quest: Jailbreaking the Agent Brief Jul 15, 2026
Copilot AI requested a review from pelikhan July 15, 2026 03:24

@pelikhan pelikhan left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot add mention of the detection job and agentic threat detection

…side quest

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

@copilot add mention of the detection job and agentic threat detection

Added in 46a35d6. The side quest now covers the detection job as a fifth defense layer — explaining that every compiled gh-aw workflow runs an agentic threat detection job in its own isolated sandbox after the main agent finishes, and that the safe-outputs job only executes if needs.detection.result == 'success'. The section includes a YAML snippet showing the dependency, a hands-on exercise to find the detection job in the Actions log, and a new checkpoint item.

Copilot AI requested a review from pelikhan July 15, 2026 03:42
@pelikhan pelikhan marked this pull request as ready for review July 15, 2026 03:52
@pelikhan pelikhan merged commit 978c389 into main Jul 15, 2026
1 check passed
@pelikhan pelikhan deleted the copilot/security-side-quest-add-jailbreaking-agent-brief branch July 15, 2026 03:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[security-side-quest] Add security side quest: Jailbreaking the Agent Brief

2 participants