Built a tool that stops AI agents from being hijacked by malicious content in webpages and emails

Reddit r/artificial / 5/13/2026

💬 OpinionDeveloper Stack & InfrastructureSignals & Early TrendsTools & Practical Usage

共有:

Key Points

Arc Gate is a proxy that sits in front of any OpenAI-compatible API to help protect AI agents from prompt injection attacks delivered via webpages and emails.
The proxy tracks which sources are authorized to issue instructions; anything from webpages/emails is treated as untrusted content with zero instruction authority.
Developers can enable the protection with minimal changes by updating only the API URL, rather than modifying the agent logic.
The article includes a demo demonstrating how an agent behaves with Arc Gate enabled versus without it.
The solution is presented as a practical production-oriented approach to reducing the risk of malicious hidden instructions hijacking agent behavior.

If you’ve heard of prompt injection — where hidden instructions in a webpage can take over an AI agent — this is a practical solution for developers deploying agents in production.
Arc Gate is a proxy that sits in front of any OpenAI-compatible API. It tracks who is allowed to give instructions to the agent. When a webpage or email tries to issue instructions, it gets treated as untrusted content with zero instruction authority. The agent is protected without the developer having to change anything except the API URL.
Demo here showing exactly what happens with and without it: https://web-production-6e47f.up.railway.app/arc-gate-demo

submitted by /u/Turbulent-Tap6723
[link] [comments]