Google ADK API Exposure
google-adk-api-exposed
Verified
Description
Detects the exposure of the Google Agent Development Kit (ADK) API, which may lead to sensitive information disclosure or unauthorized access.
Severity
Unknown
Published Date
July 3, 2025
Template Author
princechaddha
google-adk-api-exposed.yaml
id: google-adk-api-exposed
info:
name: Google ADK API Exposure
author: princechaddha
severity: unknown
description: |
Detects the exposure of the Google Agent Development Kit (ADK) API, which may lead to sensitive information disclosure or unauthorized access.
reference:
- https://google.github.io/adk-docs/
- https://github.com/google/adk-samples
metadata:
max-request: 1
verified: true
tags: adk,exposure,google,ai,agent,api,devops
http:
- raw:
- |
POST /apps/my_sample_agent/users/{{randstr}}/sessions/s_123 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"state": {"key1": "value1", "key2": 42}}
matchers:
- type: word
part: body
words:
- '","userId":"{{randstr}}"'
- '{"id":"'
condition: and
# digest: 4a0a00473045022022512e6ca137ede7d5a3db81eabd463a30e13175648f086039237783f4db334e022100c44484921b18f9054e5a1fb6a30e63e918bca48f3ceb2012ae9d38da3fdef39b:922c64590222798bb761d5b6d8e729505.0Severity