NEW paper from Google DeepMind: AI Agent Traps. elvis (@omarsar0) NEW paper from Google DeepMind The biggest threat to AI agents isn't a smarter attacker. It's the web itself. This work introduces the first systematic framework for understanding how the open web can be weaponized against autonomous agents. The paper defines "AI Agent Traps": adversarial content embedded in web pages and digital resources, engineered specifically to exploit visiting agents. The taxonomy covers six attack classes targeting different parts of the agent architecture like perception (hidden instructions in HTML/CSS) and memory (RAG poisoning and latent memory corruption). The attack surface is no longer just the model. It is every web page, every retrieved document, every piece of content the agent ingests at inference time. Hidden prompt injections in HTML already partially commandeer agents in up to 86% of scenarios, and latent memory poisoning achieves 80%+ attack success with less than 0.1% data contamination. This paper maps where the defenses are weakest and where the research community needs to focus next. Paper: papers.ssrn.com/sol3/papers.… Learn to build effective AI agents in our academy: academy.dair.ai/ — https://nitter.net/omarsar0/status/2039383554510217707#m

→ View original post on X — @dair_ai, 2026-04-01 16:46 UTC