Fershad Irani

Digital Sustainability Consultant

The Lethal Trifecta for AI Agents: Private Data, Untrusted Content, and External Communication

Source: simonwillison.net

Plenty of vendors will sell you “guardrail” products that claim to be able to detect and prevent these attacks. I am deeply suspicious of these: If you look closely they’ll almost always carry confident claims that they capture “95% of attacks” or similar... but in web application security 95% is very much a failing grade.

Read The Lethal Trifecta for AI Agents: Private Data, Untrusted Content, and External Communication