Unit 42 researchers demonstrated a red-teaming methodology against Amazon Bedrock's multi-agent applications, highlighting the risks of prompt injection in orchestrated AI systems. By systematically bypassing agent guardrails, attackers can extract sensitive instructions, map tool schemas, and invoke integrated tools with malicious inputs, though built-in Bedrock Guardrails effectively mitigate these threats.