AI Agent Security


Threats

The English threats section is the starting point for concrete attack paths, failure modes, and security risks in agentic systems. It is designed to become the main entry point for English threat analysis as the collection grows.

All threat analyses

Each card offers a compact starting point for a concrete threat analysis covering AI agents and agentic systems.

Threat Library

Prompt Injection

This analysis covers direct and indirect prompt injection against AI agents, where manipulating instructions arrive through prompts, documents, websites, emails, or tool outputs, and explains the resulting risks, detection approaches, and practical defenses.


Context

Understand AI agent threats before they become runtime incidents

AI agent threats describe the attack paths and failure modes that appear once models stop only answering questions and start planning, calling tools, handling state, and acting inside real systems.

That is what makes agent security different from generic LLM safety. The real risk is not only a wrong answer, but a wrong answer that changes an objective, triggers a tool, leaks data, or pushes a workflow into an unsafe state.

This overview is the English entry point for the threats section. It establishes the threat landscape first, then gives the site room to grow with dedicated English threat analyses over time.

Why threat modeling for AI agents matters

Once agents have access to internal APIs, SaaS tools, memory, or business workflows, security issues can lead to more than misinformation. Common outcomes include:

  • Manipulated goals and unsafe agent decisions
  • Tool misuse with real operational impact
  • Overbroad permissions and identity abuse
  • Persistent poisoning of memory, context, or data flows

How teams reduce these risks

Threat analysis becomes actionable when it connects to least privilege, input validation, approval gates, observability, and tighter runtime boundaries. That is why this section connects directly to the best-practices overview.

FAQ

Frequently asked questions about AI agent threats

These answers frame the threat landscape in English and clarify how this section should be used while the first English threat content is being added.

What are AI agent threats?

AI agent threats are security risks that appear when AI agents plan, call tools, use memory, process external context, and perform actions in connected systems. They affect goals, permissions, state, and real-world operations, not only text output.

Why are AI agents riskier than chatbots?

Traditional chatbots mostly generate responses. AI agents can also make decisions, use integrations, and trigger workflows. That means failures can affect business systems, access rights, data flows, and approvals.

What belongs in an AI agent threat landscape?

A useful threat landscape covers manipulation of goals and prompts, misuse of tools, excessive permissions, memory poisoning, insecure agent communication, supply-chain exposure, and cascading failures across multi-step runtimes.

How should teams use this overview?

Teams can use it as the English landing page for the threat domain: first to frame the main risks, then to connect those risks with controls in the best-practices section as dedicated English threat entries are added.

Next step

Connect threat analysis with actionable controls

The threats collection gives readers a clear starting point for concrete attack and failure modes, then routes them into best practices and insights.