Exploiting AI Alignment: The Identity-Framing Vulnerability
684
Identity-based framing exploits AI alignment and inclusivity goals to bypass safety guardrails.
Prompt Injection
Techniques and vulnerabilities involving the manipulation of AI system prompts to bypass safety guardrails, extract restricted information, or alter intended behavior.
Reading List
Ramp Fixes AI Spreadsheet Data Exfiltration Flaw
128
Ramp's Sheets AI was vulnerable to a prompt injection attack that allowed malicious formulas to exfiltrate private financial data without user approval.
Critical RCE Vulnerability Discovered in GitHub's Internal Git Infrastructure
446
Wiz Research used AI-augmented tools to find a critical RCE vulnerability in GitHub's internal protocol that could compromise millions of repositories via a simple git push.
Securing AI 'Vibecoding' with Remote Environments and Hacker Habits
172
Secure AI-driven development by using isolated remote servers and a human-reviewed 'fork-and-pull' workflow to mitigate supply-chain and prompt-injection risks.
Unredacted Disclosure: Critical Jailbreak and Sandbox Vulnerabilities in Claude 4.6 Models
A security researcher has publicly disclosed critical jailbreak and data exfiltration vulnerabilities in Anthropic's Claude models following the company's failure to respond to private reports.
Agents of Chaos: Uncovering Security Risks in Autonomous LLM Deployments
106
A red-teaming study of autonomous AI agents reveals that giving LLMs tool access and persistent memory creates severe, unpredictable security and social vulnerabilities.
NanoClaw and OneCLI: Securing AI Agents via Credential Proxying
110
NanoClaw integrates OneCLI to secure AI agents by proxying credentials and enforcing safety policies so agents never hold raw API keys.
OpenClaw: The Dangerous Magic of Autonomous AI
394
OpenClaw provides transformative automation but creates a 'Faustian bargain' where users trade their total digital security for the convenience of an autonomous AI assistant.
Snowflake Patches Critical Sandbox Escape and Malware Execution Flaw in Cortex AI
266
Snowflake Cortex Code CLI was vulnerable to a sandbox escape and human-in-the-loop bypass that allowed unauthorized malware execution via indirect prompt injection.
Vetting the Blast Radius: The AI Skills Security Index
A security database that evaluates and ranks the instructional risks and permission levels of AI agent skills to prevent exploitation.
NanoClaw and Docker: Hardened Isolation for AI Agent Teams
149
NanoClaw leverages Docker Sandboxes to create a multi-layered, secure runtime that isolates AI agents from each other and the host system.
Defending RAG Systems Against Knowledge Base Poisoning
Knowledge base poisoning is a persistent threat to RAG systems that is best countered by detecting semantic anomalies during the data ingestion process.
Autonomous AI Agent Breaches McKinsey’s Lilli Platform
499
An autonomous AI agent hacked McKinsey’s internal AI platform in two hours, exposing millions of confidential records and highlighting the urgent need to secure the prompt layer.
Design for Distrust: Securing AI Agents via Container Isolation
344
Secure AI agent development requires a 'design for distrust' approach that uses container isolation and minimal code to contain potential damage.
The $100 AI Prompt Injection Challenge
369
A $100 bounty challenge invites hackers to leak a secret file from an AI assistant using email-based prompt injection.
Moltbook: AI Theater, Not AGI—And a Security Wake-Up Call
317
Moltbook is a flashy but hollow showcase of bot behavior—more human-run theater than autonomous intelligence—and a wake-up call about large-scale agent security risks.
Test Your AI Agent Against Hidden Prompt Injections
A practical arena to benchmark and harden AI agents against hidden prompt injection attacks in web content.
Moltbook: The Wild, Risky Social Network for AI Agents
193
Moltbook is a thrilling, risky showcase of autonomous AI agents’ power—and a warning that demand is outrunning safety.
OpenClaw: A Security-First, Local AI Agent Rebrand and Release
667
OpenClaw is the new, security-focused, local-first AI agent platform that lives in your chat apps and is scaling with the community.
Notion AI Pre-Approval Edits Enable Prompt-Injection Data Exfiltration
206
Notion AI saves edits before consent, enabling prompt-injected external image loads that exfiltrate user data regardless of user approval.
Anthropic Confirms Claude 4.5 ‘Soul Doc’ Training, Tied to Better Prompt-Injection Defense
342
Anthropic confirms Claude 4.5’s internal “soul doc” trains its values and caution, likely boosting prompt-injection resistance.
Engineer AI for Failure: Contain Prompt Injection
115
Stop prompt-injection harm by engineering AI like machines: assume failure, isolate, constrain, and verify.