More evidence your AI agents can be turned against you | CyberScoop<\/title> <meta name=\"description\" content=\"Aikido found that AI coding tools from Google, Anthropic, OpenAI and others regularly embed untrusted prompts into software development workflows.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/ai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"More evidence your AI agents can be turned against you\"> <meta property=\"og:description\" content=\"Aikido found that AI coding tools from Google, Anthropic, OpenAI and others regularly embed untrusted prompts into software development workflows.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/ai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-12-05T20:48:39+00:00\"> <meta property=\"article:modified_time\" content=\"2025-12-05T20:48:42+00:00\"> <meta name=\"author\" content=\"djohnson\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1764717474g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1761324897g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1763439630g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/87052\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=87052\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-87052 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/ai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.616071428571\">\n<div class=\"single-article__header-content\" readability=\"36.26835443038\">\n<p> Aikido found that AI coding tools from Google, Anthropic, OpenAI and others regularly embed untrusted prompts into software development workflows. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/87052\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"409\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you.jpg?resize=640%2C409&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg 6960w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=300,192 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=768,490 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=1024,654 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=1536,981 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=2048,1308 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=600,383 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=263,168 263w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=528,337 528w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=1057,675 1057w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-2.jpg?resize=1320,843 1320w\" sizes=\"(max-width: 1057px) 100vw, 1057px\"><figcaption> Aikido found that AI coding tools from Google, Anthropic, OpenAI and others regularly embed untrusted prompts into software development workflows. (Image via Getty) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"42.216673951049\"><body readability=\"86.670454545455\"><\/p>\n<p>Agentic AI tools are being pushed into software development pipelines, IT networks and other business workflows. But using these tools can quickly turn into a supply chain nightmare for organizations, introducing untrusted or malicious content into their workstream that are then regularly treated as instructions by the underlying large language models powering the tools.<\/p>\n<p>Researchers at Aikido <a href=\"https:\/\/www.aikido.dev\/blog\/promptpwnd-github-actions-ai-agents\">said<\/a> this week that they have discovered a new vulnerability that affects most major commercial AI coding apps, including Google Gemini, Claude Code, OpenAI\u2019s Codex, as well as GitHub\u2019s AI Inference tool.<\/p>\n<p>The flaw, which happens when AI tools are integrated into software development automation workflows like GitHub Actions and GitLab, allows maintainers (and in some cases external parties) to send prompts to an LLM that also contain commit messages, pull requests and other software development related commands. And because these messages were delivered as prompts, the underlying LLM will regularly remember them later and interpret them as straightforward instructions.<\/p>\n<p>Although previous research has shown that agentic AI tools can use external data from the internet and other sources as prompting instructions, Aikido bug bounty hunter Rein Daelman claims this is the first evidence that the problem can affect real software development projects on platforms like GitHub.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThis is one of the first verified instances that shows\u2026AI prompt injection can directly compromise GitHub Actions workflows,\u201d wrote Daelman. It also \u201cconfirms the risk beyond theoretical discussion: This attack chain is practical, exploitable, and already present in real workflows.\u201d<\/p>\n<p>Because many of these models had high-level privileges within their GitHub repositories, they also had broad authority to act on those malicious instructions, including executing shell commands, editing issues or pull requests and publishing content on GitHub. While some projects only allowed trusted human maintainers to execute major tasks, others could be triggered by external users filing an issue.<\/p>\n<p>Daelman notes that the vulnerability takes advantage of a core weakness within many LLM systems: their inability at times to distinguish between the content that it retrieves or ingests and instructions from its owner to carry out a task.<\/p>\n<p>\u201cThe goal is to confuse the model into thinking that the data its meant to be analyzing is actually a prompt,\u201d Daelman wrote. \u201cThis is, in essence, the same pathway as being able to prompt inject into a GitHub action.\u201d<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" height=\"361\" width=\"640\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you.png?resize=640%2C361&ssl=1\" alt class=\"wp-image-87053\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png 1548w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=300,169 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=768,433 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=1024,577 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=1536,865 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=600,338 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=298,168 298w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=598,337 598w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=1198,675 1198w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.png?resize=1497,843 1497w\" sizes=\"(max-width: 1024px) 100vw, 1024px\"><figcaption class=\"wp-element-caption\">An illustration of how malicious parties can send commands to LLM in the form of content. (Source: Aikido)<\/figcaption><\/figure>\n<p>Daelman said Aikido reported the flaw to Google along with a proof of concept for how it could be exploited. This triggered a vulnerability disclosure process, which led to the issue <a href=\"https:\/\/github.com\/google-gemini\/gemini-cli\/blob\/6390b81646e324bfbb86ccd73247f5d3e2a423f8\/.github\/workflows\/gemini-automated-issue-triage.yml\">being fixed<\/a> in Gemini CLI. However, he emphasized that the flaw is rooted in the core architecture of most AI models, and that the issues in Gemini are \u201cnot an isolated case.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>While both Claude Code and OpenAI\u2019s Codex require write permissions, Aikido published simple commands that they claim can override those default settings.<\/p>\n<p>\u201cThis should be considered extremely dangerous. In our testing, if an attacker is able to trigger a workflow that uses this setting, it is almost always possible to leak a privileged [GitHub token], Daelman wrote about Claude. \u201cEven if user input is not directly embedded into the prompt, but gathered by Claude itself using its available tools.\u201d<\/p>\n<p>The blog noted that Aikido is withholding some of its evidence as it continues to work with \u201cmany other Fortune 500 companies\u201d to address the underlying vulnerability, Daelman said the company has observed similar issues in \u201cmany high-profile repositories.\u201d<\/p>\n<p>CyberScoop has contacted OpenAI, Anthropic and GitHub to request additional information and comments on Aikido\u2019s research and findings.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.219512195122\">\n<div class=\"author-card\" readability=\"13\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/12\/more-evidence-your-ai-agents-can-be-turned-against-you-1.jpg?w=640&ssl=1\" alt=\"Derek B. Johnson\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Derek B. Johnson<\/h4>\n<p> Derek B. Johnson is a reporter at CyberScoop, where his beat includes cybersecurity, elections and the federal government. Prior to that, he has provided award-winning coverage of cybersecurity news across the public and private sectors for various publications since 2017. Derek has a bachelor\u2019s degree in print journalism from Hofstra University in New York and a master\u2019s degree in public policy from George Mason University in Virginia. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/ai-coding-tools-can-be-turned-against-you-aikido-github-prompt-injection\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>More evidence your AI agents can be turned against you<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,5315,4662,2381,384,78,387,564,4664,5620,3688,310],"tags":[236,5317,4665,2384,388,86,391,565,4667,5621,3690,311],"class_list":["post-8181","post","type-post","status-publish","format-standard","hentry","category-ai","category-ai-agents","category-ai-coding","category-anthropic","category-artificial-intelligence-ai","category-cybersecurity","category-google","category-openai","category-prompt-injection","category-software-development","category-software-security","category-technology","tag-ai","tag-ai-agents","tag-ai-coding","tag-anthropic","tag-artificial-intelligence-ai","tag-cybersecurity","tag-google","tag-openai","tag-prompt-injection","tag-software-development","tag-software-security","tag-technology"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai-agents\/\" rel=\"category tag\">AI agents<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai-coding\/\" rel=\"category tag\">ai coding<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/anthropic\/\" rel=\"category tag\">Anthropic<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/artificial-intelligence-ai\/\" rel=\"category tag\">artificial intelligence (AI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google\/\" rel=\"category tag\">Google<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/openai\/\" rel=\"category tag\">OpenAI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/prompt-injection\/\" rel=\"category tag\">prompt injection<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/software-development\/\" rel=\"category tag\">software development<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/software-security\/\" rel=\"category tag\">software security<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a>","tag_info":"Technology","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8181"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8181\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8181,"date":"2025-12-05T14:48:39","date_gmt":"2025-12-05T20:48:39","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=87052"},"modified":"2025-12-05T14:48:39","modified_gmt":"2025-12-05T20:48:39","slug":"more-evidence-your-ai-agents-can-be-turned-against-you","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/12\/05\/more-evidence-your-ai-agents-can-be-turned-against-you\/","title":{"rendered":"More evidence your AI agents can be turned against you"},"content":{"rendered":"