Publications
Prompt injection to RCE in AI agents
We bypassed human approval protections for system command execution in AI agents, achieving RCE in three agent platforms.
Uncovering memory corruption in NVIDIA Triton (as a new hire)
In my first month at Trail of Bits as an AI/ML security engineer, I found two remotely accessible memory corruption bugs in NVIDIA’s Triton Inference Server during a routine onboarding practice.