When most people think about AI security, they imagine technical attacks.
But one of the most effective attacks against AI agents looks surprisingly familiar:
Social engineering.
Humans have spent decades learning to recognize:
• phishing
• impersonation
• manipulation
• suspicious requests
AI agents haven't.
An agent doesn't need malware to fail.
Sometimes all it takes is a convincing instruction.
That's what makes prompt injection so interesting.
The attack often isn't exploiting software.
It's exploiting trust.
A manipulated instruction can cause an agent to:
• ignore safeguards
• reveal information
• change behavior
• execute unintended actions
And because the instruction looks legitimate, traditional security controls may never notice.
As AI agents gain:
• memory
• tool access
• autonomy
• workflow control
...the cost of misplaced trust increases.
This is one of the reasons we started building Crucible:
"Pytest for AI agents."
An open-source framework for:
• prompt injection testing
• adversarial evaluation
• behavioral monitoring
• agent security testing
Because securing AI systems isn't only about code.
It's about trust.
