Search papers, labs, and topics across Lattice.
This paper presents findings from penetration tests conducted in 2025 on two proprietary AI agent products, evaluating their security posture. The tests revealed that despite stricter coding standards and formal review processes, these agents still exhibit recurring classes of weaknesses observed in prior computing systems. The findings highlight the significant security burden imposed by the broad interaction surface of execution-capable AI agents.
Proprietary AI agents, despite stricter development processes, are still riddled with the same old security holes.
As AI systems gain increasing autonomy and execution capability, the number of discovered security vulnerabilities continues to rise. However, many of these vulnerabilities are not fundamentally novel, but instead reflect recurring classes of weaknesses long observed in prior computing systems. Execution-capable AI agents are effectively unbounded, self-modifying programs that interact extensively with multiple layers of the computing stack. This broad interaction surface imposes a significant security burden on developers, who must reason about and secure complex cross-layer behaviors. Prior research has primarily focused on vulnerabilities in open-source agents and agent frameworks. In contrast, it remains unclear whether proprietary agent systems -- developed under stricter coding standards and formal review processes -- exhibit similar security weaknesses. In this paper, we present findings from two penetration tests conducted in 2025 against proprietary agent products and evaluate whether the security posture of AI agents has improved since these assessments.
