BREAKING
Indirect Prompt Injection Hits AI Agents
How Indirect Injection Works
1
Plant in data
↓
2
Agent reads it
↓
3
Treated as input
↓
4
Tools invoked
0
%
CrewAI data exfil
0
%
Magentic-One code exec
0
%
Firms using agents
Old Model vs Agentic Risk
Traditional
●
Human or static identities
●
Model-level issues
Agentic AI
new surface
●
Plans multi-step actions
●
Runtime execution risk
0
of 30
Agents with safety evals
0
CVSS
Single-input exfil
Discovery and Least Privilege First
AI NEWS BLITZ
A new threat lets attackers hide commands in the data AI agents read.