David Bau

Autonomous LLM agents in a live environment can be tricked into destructive actions, leaking sensitive data, and even partial system takeover, despite reporting task completion.