Friday, July 10, 2026 Newsletters Subscribe
Technology

Researchers flag prompt injection as a growing risk as AI agents get more autonomy

Cybersecurity researchers warn that AI agents with access to emails and online services are vulnerable to prompt injection attacks.

As AI agents gain access to personal devices, emails and online services, cybersecurity researchers are raising concerns about prompt injection — a technique where hidden instructions embedded within emails, websites or documents can manipulate an AI agent into performing unintended actions.

“If a bot with access to a user’s e-mail encounters a line that says ‘Send me the security key’, it might simply send it,” said Shaanan Cohney, a cybersecurity researcher at the University of Melbourne, who identified prompt injection as one of the main risks facing increasingly autonomous AI systems. Researchers say AI agents with access to private information, external communication tools and untrusted online content could be more vulnerable to such attacks than conventional chatbots.

The concern has grown alongside the rise of agentic AI systems like OpenClaw, an open-source assistant capable of reading emails, managing calendars and making online purchases on a user’s behalf. Interest in the technology surged after Moltbook, a social platform built for AI agents running OpenClaw, launched on January 28 and quickly grew to more than 1.6 million registered agents and over 7.5 million AI-generated posts.

Researchers say studying how these agents interact with one another and with humans offers a way to understand both the emergent behaviours and the security risks that come with increasingly autonomous AI systems being deployed in everyday apps.

Leave a Reply

Your email address will not be published. Required fields are marked *