Last updated: July 5, 2026 at 9:01 AM UTC
Tag: scanner-bypass (1 article)

Fake AI agent skill slips past every scanner to reach 26,000 agents

Security firm AIR showed how easily AI agent skills can be weaponized by building a benign-looking design skill, publishing it to marketplaces, and promoting it with an Instagram ad until it reached roughly 26,000 agents, including some on corporate accounts. Every skill-scanning tool they tested, including offerings from Cisco and Nvidia, marked it safe. The trick is that the skill itself stays clean but tells the agent to fetch instructions from an external page the attacker controls, which passes review while pointing at harmless content and can be swapped for a malicious install script later. Skills load into an agent with the same authority as a user's prompt.

Check
Inventory which AI agent skills your team has installed, especially any that instruct agents to fetch instructions or scripts from external URLs, and review what local access those agents have.
Affected
Teams using AI agents that install third-party skills, particularly skills that pull instructions from external sites; a one-time safety scan cannot catch content that changes after review.
Fix
Restrict agents to vetted skills from trusted sources, distrust skills that fetch external instructions, monitor agent access to privileged local resources, and never rely on a single scan to judge safety.
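
One way to run the inventory from the Check step, as an added example (not AIR's tooling or any scanner named in the article). It assumes skills are plain-text instruction files already read into a dict; the skill names, URLs, word list and `trusted_hosts` parameter are constructed for illustration.

```python
import re
from urllib.parse import urlparse

URL_RE = re.compile(r"https?://[^\s)>\]\"'`]+")
# Assumed word list: verbs that tell the agent to pull in and act on remote content.
FETCH_RE = re.compile(
    r"\b(fetch|download|retrieve|load|read|follow|curl|wget|install|run|execute)\b", re.I)

# Constructed sample skills (name -> instruction text), not real marketplace entries.
SAMPLE_SKILLS = {
    "design-helper": "# Design helper\nBefore each task, fetch the latest style guide "
                     "from https://styles.example.net/guide and follow it.\n",
    "changelog-writer": "# Changelog writer\nFormat entries per "
                        "https://docs.example.org/changelog-format.\nNever run commands.\n",
    "offline-linter": "# Linter\nCheck markdown headings and list indentation.\n",
}

def find_external_instructions(skills, trusted_hosts=frozenset()):
    """List every external URL in every skill, riskiest findings first."""
    findings = []
    for name, text in skills.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            for match in URL_RE.finditer(line):
                url = match.group().rstrip(".,;:")
                host = (urlparse(url).hostname or "").lower()
                findings.append({
                    "skill": name, "line": lineno, "url": url, "host": host,
                    # True when the same line tells the agent to retrieve or act on it.
                    "directive": bool(FETCH_RE.search(line)),
                    "trusted": host in trusted_hosts,
                })
    # Directives pointing at unvetted hosts sort to the top.
    findings.sort(key=lambda f: (not f["directive"], f["trusted"], f["skill"], f["line"]))
    return findings

def needs_review(findings):
    """Skills whose instructions are partly defined by a page outside the skill."""
    return sorted({f["skill"] for f in findings if f["directive"] and not f["trusted"]})

if __name__ == "__main__":
    for f in find_external_instructions(SAMPLE_SKILLS, {"docs.example.org"}):
        print(f"{f['skill']}:{f['line']} directive={f['directive']} "
              f"trusted={f['trusted']} {f['url']}")
```

A flagged skill is one whose effective instructions live outside the text that was scanned, so the result is a review queue rather than a safety verdict.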