Ronghui Gu, CEO of blockchain security firm CertiK, warns that the rapid deployment of autonomous AI agents across the internet and enterprise networks is creating catastrophic security debt. Gu told CoinDesk that unisolated AI agents can access sensitive files, credentials, and financial accounts, making them vulnerable to manipulation, hijacking, and scams. CertiK's research found hundreds of critical vulnerabilities in agent infrastructure, including unpatched CVEs and exposed credentials. Gu highlights 'prompt injection' attacks, where hidden instructions in webpages or documents can redirect agents without malicious code. He also notes a rise in hyperfast, ephemeral machine-on-machine scams that drain funds within minutes. Gu urges a shift to Zero Trust architecture, isolating execution environments and verifying every command.

Key facts

• Unisolated AI agents can access sensitive files, credentials, and financial accounts, posing major security risks.
• Prompt injection attacks can hijack agents via hidden natural language instructions in benign files.
• CertiK discovered hundreds of malicious skills and fake packages on open agent hubs.
• Hyperfast machine-on-machine scams drain funds in minutes, often before humans detect them.
• Gu calls for Zero Trust architecture with isolated execution and continuous verification.

KeyAudit data perspective