agent-security

When AI Browsers Dream: How Prompt Injection Breaks Agentic Browsing (and How to Defend)
AI browser prompt injection isn't a one-off bug — it's a structural attack class that gets worse as agents gain autonomy. Here's how the new "dream-world" jailbreak works, and a concrete defense checklist for users and builders.
07/07/2026 · Research · 9 min read

How to Secure an AI Agent: Prompt Injection, Role Confusion, and Red-Teaming in 2026
In one week of June 2026, three independent sources reframed agent security — Willison's role-confusion model, the RIFT-Bench red-teaming benchmark, and the MosaicLeaks secret-leak demo. Here's how to secure an AI agent as a trust-boundary problem, not a string-filtering one.
06/25/2026 · Research · 9 min read

How to Evaluate an AI Agent: Tool-Use Capability and Data-Leakage Risk
A practical framework for evaluating AI agents on two axes that both decide production-readiness: can it do the job on your own tooling, and can it be trusted not to leak data?
06/22/2026 · Model Evaluation · 7 min read

Can Your AI Agent Keep a Secret? A 2026 Guide to Agent Data Leakage and Real Evaluation
AI agent security is now an evaluation problem: agents can leak private data through ordinary-looking tool calls and still pass every leaderboard. Here's how data leakage happens, how to red-team it, and how to benchmark whether an agent is actually reliable on your own tools.
06/21/2026 · Model Evaluation · 11 min read

Can Your AI Agent Keep a Secret? Testing Agents for Data Leakage
Capability evals tell you if an agent is smart. They don't tell you whether it will leak the sensitive data it can see. Here's how to test AI agents for data leakage and secret-keeping — grounded in new research and a real-world one-click leak.
06/21/2026 · Model Evaluation · 9 min read

Research Agent Data Leakage: Inside the MosaicLeaks Benchmark
Research agent data leakage is a measurable failure mode, not a hypothetical. ServiceNow's MosaicLeaks benchmark shows how deep research agents leak private context through their search queries — and why you can't prompt the problem away.
06/20/2026 · Model Evaluation · 10 min read