Mass deployment of AI agents is a disaster waiting to happen, says CertiK CEO
Autonomous AI agents are creating a major security risk because many are deployed without proper isolation or verification. Once agents can read local files, access credentials, use tools, or trigger workflows, they can become powerful insider threats if compromised. A key weakness is prompt injection: hidden instructions in webpages, PDFs, emails, or fake plug-ins can redirect an agent's behavior without any malware, leading to data theft or unauthorized transfers. CertiK also found many malicious skills, fake installers, and lookalike packages on agent hubs that evade traditional antivirus because they manipulate behavior through natural language rather than executable code. The rise of agent-to-agent financial activity is also enabling fast, short-lived onchain scams that target other bots. The core recommendation is a strict Zero Trust model with isolated execution and continuous verification of commands and dependencies.
