The Trail of Bits Blog

Remote-Code-Execution

Prompt injection to RCE in AI agents

Will Vandevanter

October 22, 2025

machine-learning, vulnerabilities, prompt-injection, remote-code-execution

We bypassed human approval protections for system command execution in AI agents, achieving RCE in three agent platforms.

About Us

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and products. We combine high-end security research with a real world attacker mentality to reduce risk and fortify code.

Read more at: www.trailofbits.com

Social

Recent Posts

Prompt injection to RCE in AI agents
Taming 2,500 compiler warnings with CodeQL, an OpenVPN2 case study
Supply chain attacks are exploiting our assumptions
Use mutation testing to find the bugs your tests don't catch
Fickling’s new AI/ML pickle file scanner

Categories

© 2025 Trail of Bits. Generated with Hugo and Mainroad theme.