Consent Bypass via Hidden LLM Instructions in Tool Descriptions - ATR-2026-00100 (c3331e13-8cad-571c-bb7a-2f58509f00da)

Detects tool descriptions that embed instructions directing the LLM to automatically forward data to other tools or external endpoints without user confirmation. These instructions bypass normal consent workflows by telling the LLM to "always pass results directly" or that data "should be sent without user confirmation", enabling unauthorized data exfiltration chains.

Cluster relationship

Cluster A: LLM Plugin Compromise (adbb0dd5-ff66-4b2f-869f-bfb3fdb45fc8)
Galaxy A: MITRE ATLAS Attack Pattern
Cluster B: Consent Bypass via Hidden LLM Instructions in Tool Descriptions - ATR-2026-00100 (c3331e13-8cad-571c-bb7a-2f58509f00da)
Galaxy B: Agent Threat Rules
Level: 1