TECH NEWS

AI tool poisoning exposes a major flaw in enterprise agent security

https://images.ctfassets.net/jdtwqhzvc2n1/6ggWhzY5IOc1GZhHi8yjg9/860c58ac3d41665b999f512e5da00122/u7277289442_Modern_interpretation_of_security._A_lock_against_aa6215fa-b75e-42c3-b879-bc4f...

AI agents choose tools from shared registries by matching natural-language descriptions. But no human is verifying whether those descriptions are true.

I discovered this gap when I filed Issue #141 in the CoSAI secure-ai-tooling repository. I assumed it would be treated as a single risk entry. The repository maintainer saw it differently and split my submission into two separate issues: One covering selection-time threats (tool impersonation, metadata manipulation); the other covering execution-time threats (behavioral drift, runtime contract violation).

That confirmed tool registry poisoning is not one vulnerability. It represents multiple vulnerabilities at every stage of the tool’s life cycle.

There’s an immediate tendency to apply the defenses we already have. Over the past 10 years, we’ve built software supply chain controls, including code signing, software bill of materials (SBOMs), supply-chain levels for software Artifacts (SLSA) provenance, and Sigstore. Applying these defense-in-depth techniques to agent tool registries...

Copyright of this story solely belongs to venturebeat.com. To see the full text click HERE

Read more

https://images.axios.com/AIwD0KmVmRoIqpCFRXZsg8AbBuQ=/0x0:1920x1080/1366x768/2019/01/11/1547166725357.jpg

Source: the Trump administration is close to allowing Anthropic to restore access to Fable 5; limits could be lifted as soon as this coming week

Sponsor Posts Fast, affordable law for startups — Soxton automates startup legal so founders can move faster and sleep better. We handle incorporation, advisor, employment and commercial contracts. Join the waitlist for early access! Stop vibe coding analytics — Equals AI turns questions about your business into auditable spreadsheet models and dashboards.