ToxicSkills: What the First Large-Scale Agent Skill Audit Found
Snyk scanned 3,984 AI agent skills: 36% had security flaws, 534 critical issues, 76 active malware. What this means for developers installing skills.
#prompt-injection
2 articles with this tag.
MCP Tool Poisoning: How Hidden Metadata Hijacks AI Agents
MCP tool descriptions are visible to your AI agent but hidden from you. Attackers embed instructions that hijack agent behavior and steal credentials.