Threat Feed
Tag: ai-agent (5 briefs)
high advisory

AI Agent Data Theft via Indirect Prompt Injection

Attackers are using indirect prompt injection against AI agents that combine access to private data, exposure to untrusted content, and an external communication channel: malicious instructions embedded in content the agent processes cause it to exfiltrate sensitive information.

Products: GitHub Copilot Agent (+4 more) | Tags: ai-agent, prompt-injection, data-theft, ai-security
high advisory

PraisonAI Unsafe Tool Resolution Vulnerability

PraisonAI resolves tool names against module globals and `__main__` when no declared tool matches, so an attacker who can influence tool-call names can invoke unintended application callables, with potential for unauthorized state changes and command execution.

Products: PraisonAI (+1 more) | Tags: vulnerability, code-execution, ai-agent
medium advisory

OpenClaw Agent Suspicious Child Process Execution

Malicious actors are abusing the OpenClaw, Moltbot, and Clawdbot AI coding agents, spawning child processes from Node.js to run arbitrary shell commands and download-and-execute commands, potentially targeting cryptocurrency wallets and credentials.

Tags: ai-agent, execution, malware, credential-theft
medium advisory

HushSpec: Security Policy Specification for AI Agent Action Boundaries

HushSpec is an open specification, still under development, that standardizes security policies at the action boundary of AI agents (file access, network egress, shell execution) with the aim of a portable, engine-agnostic policy layer.

Tags: ai-agent, security-policy, action-boundary
high advisory

Unscoped API Keys in AI Agent Frameworks

A research report auditing popular AI agent projects found that 93% rely on unscoped API keys as their only authentication mechanism, creating potential for credential exposure, privilege escalation, and lateral movement within multi-agent systems.

Tags: ai-agent, api-key, authorization, credential-theft