When your agent calls another company's agent — who actually verifies that handoff?

Reddit r/AI_Agents News

Summary

A developer describes encountering authentication and authorization gaps when one AI agent calls a third-party vendor's agent, highlighting failure modes like scope escalation, unverified chains, and confused deputy attacks. They ask the community how to handle cross-org agent call verification.

Building a multi-agent system where one of our agents (internal) needs to call a third-party vendor's agent to trigger order fulfillment. Getting the integration working was straightforward. What stopped me was a question I couldn't find a clean answer to: When our agent calls their agent, each side has its own auth layer — ours validates tokens we issue, theirs validates tokens they issue. But nobody is independently verifying the handoff between them.

Specifically ran into three failure modes I couldn't see how to catch with either side's existing auth:

1. Our agent has a valid token scoped for read_order. It requests execute_payment on the vendor's system, claiming authority inherited from an earlier step. The vendor's auth system validates "is this a real token from a trusted issuer" — it is — but never checks whether that token was actually scoped for payment actions.
2. A request chain started from unverified user input (free-text form submission), passed through our agent, and arrived at the vendor's agent looking like an internal verified request. Neither side's auth could see the full chain history.
3. The vendor's agent is registered and trusted. But a request claiming to originate from our side actually came via the vendor's agent bouncing a call back inward — a cross-org CONFUSED_DEPUTY. Both sides' individual auth systems passed it fine.

Have you hit this in practice? How did you handle cross-org agent call verification? Did you solve it at the protocol level (A2A/MCP), at the application layer, or just accept it as a known gap for now? Not looking for a product recommendation — genuinely want to know if this is a real operational problem others have run into or if I'm over-engineering it.
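One way to make the handoff itself checkable, as an added example that is neither the poster's code nor a feature of A2A or MCP: every org signs its own hop over the previous hop's MAC, so the receiver sees the whole chain and can test all three failure modes above (scope attenuation, root provenance, and whether the claimed origin matches the last signer). The org names, demo keys and hop fields are constructed for the example; in practice each org would hold its own key and exchange verification keys out of band.

```python
import hashlib
import hmac
import json

# Constructed demo keys (assumption): one signing key per organisation.
KEYS = {"acme": b"acme-demo-key", "vendor": b"vendor-demo-key"}


def hop_digest(hop, prev_mac):
    """MAC over this hop's claims plus the previous hop's MAC (hash chain)."""
    body = json.dumps({"issuer": hop["issuer"], "scopes": sorted(hop["scopes"]),
                       "origin": hop["origin"], "prev": prev_mac}, sort_keys=True)
    return hmac.new(KEYS[hop["issuer"]], body.encode(), hashlib.sha256).hexdigest()


def sign_chain(hops):
    """Each org appends and signs its own hop before forwarding the request."""
    prev = ""
    for hop in hops:
        hop["mac"] = hop_digest(hop, prev)
        prev = hop["mac"]
    return hops


def verify_handoff(chain, requested_action, claimed_origin):
    """Checks the receiving org runs before honouring a cross-org call."""
    findings = []
    if not chain:
        return ["EMPTY_CHAIN"]
    prev = ""
    for hop in chain:
        # Any hop whose MAC does not verify means the history was altered.
        if not hmac.compare_digest(hop.get("mac", ""), hop_digest(hop, prev)):
            findings.append("BROKEN_CHAIN")
            break
        prev = hop["mac"]
    # 1. Scope escalation: a hop can only attenuate, never widen, what it inherited,
    #    so the effective scope is the intersection across the whole chain.
    effective = set.intersection(*(set(h["scopes"]) for h in chain))
    if requested_action not in effective:
        findings.append("SCOPE_ESCALATION")
    # 2. Unverified chain: taint from the root hop travels with the request.
    if chain[0]["origin"] == "unverified_user":
        findings.append("UNVERIFIED_CHAIN")
    # 3. Confused deputy: the party a request claims to come from must be the
    #    party that actually signed the last hop.
    if claimed_origin != chain[-1]["issuer"]:
        findings.append("CONFUSED_DEPUTY")
    return findings
```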