PraisonAI Has SSRF in FileTools.download_file() via Unvalidated

PraisonAI: SSRF via Unvalidated api_base in passthrough() Fallback

Fickling has a detection bypass via stdlib network-protocol constructors

TaskWeaver has Protection Mechanism Failure and Server-Side Request Forgery (SSRF

picklescan has Arbitrary file read using `io.FileIO`

Langflow is a tool for building and deploying AI-powered

Penetration Testing of Agentic AI: A Comparative Security Analysis Across Models and Frameworks

system and 13 distinct attack scenarios that span prompt injection, Server Side Request Forgery (SSRF), SQL injection, and tool misuse. Our 130 total test cases reveal significant security disparities: AutoGen