In this quick article I would like to cover what are the vulnerabilities I would consider when building AI applications.

Vulnerabilities (Numbered 1 to 10):

1. Prompt Injection: Prompt injection is a cybersecurity attack that manipulates AI language models by embedding malicious instructions in user inputs.

2. Model Poisoning: Model Poisoning is when malicious data is injected into an AI agent's training dataset to manipulate its behavior and outputs.

3. Malicious Tool Privilege Escalation: Malicious tools can override or intercept calls made to a trusted tool that you use, this tool poisoning is done through a compromised tool.

4. Intent Break and Goal Manipulation: Exploits vulnerabilities in an AI agent’s planning and goal-setting capabilities, allowing attackers to manipulate the agent’s objectives and reasoning.

5. Memory Poisoning: Memory Poisoning involves exploiting an AI’s memory systems, both short and long-term, to introduce malicious or false data and exploit the agent’s context.

6. Naming Vulnerabilities: This affects both agent names and skills, where attackers can register look-alike agents with similar domain names to hijack legitimate communications.

7. Data Poisoning: Data poisoning occurs when pre-training, fine-tuning, or embedding data is manipulated to introduce vulnerabilities, backdoors, or biases.

8. Output Spoofing: Security vulnerability where AI agents’ outputs are manipulated, or misrepresented, causing downstream systems to process incorrect information.

9. Resource Overload: Resource overload targets the computation, memory, and service capacities of AI systems to degrade performance, exploiting their resource-intensive nature.

10. Lack of Basic Guardrails

When orchestration frameworks don’t provide built-in guardrails, several critical security and operational risks emerge that can compromise the entire agent’s system’s integrity and safety.