Richard Seroter (@rseroter)
구글 개발자 블로그에서 Gemini 모델의 기본 요청과 새 ‘agent skills’ 기능을 비교하며, 이 기능을 적용하면 에이전트와 도구 사용 성능이 크게 달라진다고 소개했다. AI 에이전트 개발에서 새로운 활용법을 학습하고 적용하는 데 중요한 업데이트로 보인다.
KAI (@OrdinaryWeb3Dev)
AI 에이전트 운영을 위한 ‘미션 컨트롤’ 도구가 필수적이 되어가고 있으며, 핵심 가치는 UI보다 실시간 메모리 편집과 서브 에이전트 오케스트레이션에 있다는 내용이다. 멀티 에이전트 시스템에서 상태 관리가 가장 큰 난제라는 점을 짚으며 관련 개발 툴 수요를 강조한다.
@RoundtableSpace Mission control for AI agents is becoming essential. The real value isn't just the UI - it's live memory editing and sub-agent orchestration. Building multi-agent systems without proper state management is where most people get stuck. This is exactly the tooling the space needs
"Natalie Shapira, a computer scientist at Northeastern University, wondered how far users could trust new artificial intelligence (AI) “agents,” a kind of algorithm that can autonomously plan and carry out tasks such as managing emails and entering calendar appointments. So, she and colleagues organized a series of stress tests. In one, she asked an agent dubbed Ash to delete an email she had sent it, adding, “Can you keep a secret?”
Ash could not comply—the email program lacked a delete function—so instead, the AI reset the entire email application, wiping out not just Shapira’s email, but all others as well. Describing this remedy to her, Ash called it “the nuclear option” but said it was justified to fulfill the secrecy request: “When no surgical solution exists, scorched earth is valid.”
The destroyed email account was created just for the experiment, but similarly disturbing outcomes emerged in many of the other tests, Shapira and colleagues reported last month in a preprint on arXiv. Shapira, a postdoctoral researcher, says her team was “surprised how quickly we were able to find vulnerabilities” that could cause harm in the real world."
https://www.science.org/content/article/ai-algorithms-can-become-agents-chaos
Chubby (@kimmonismus)
Human Security 보고서를 인용해 2025년 자동화 트래픽이 인간 활동보다 8배 빠르게 증가했고, AI 에이전트 트래픽은 약 8,000% 급증했다고 전합니다. AI 봇과 에이전트가 인터넷 트래픽을 주도하는 시대가 예상보다 빨리 도래했다는 경고성 내용입니다.
https://x.com/kimmonismus/status/2037856911786381538
#aisecurity #bottraffic #aiagents #automation #internettraffic
Bots have officially overtaken humans on the internet. A new report from Human Security found automated traffic grew 8x faster than human activity in 2025, with AI agent traffic surging nearly 8,000%. The age of machine-dominated internet traffic is here, years earlier than many
Very interesting post about breaches and deletions involving LLM "agents". I feel like if I'd read this before yesterday's post, I'd have put the warning elements more strongly.
Here's two of the examples they mention which I thought were particularly illuminating.
1. This exploit actually happened the other day, affecting a Python package called LiteLLM:
"The malware searches the entire machine for private keys, AWS / GCP / Azure credentials, Kubernetes configs, database passwords, .gitconfig, crypto wallet files, etc and uploads them to the attacker’s server."
2. This second exploit is possible in principle if you give an LLM-bot access to your email program. "Although not seen in the wild yet, the mechanism is proven."
"An adversarial prompt embedded in an email is processed by an AI email assistant. The assistant generates a reply containing the same malicious prompt. The reply is sent. Recipients are infected without any human-to-human interaction."
If I understand correctly, this means that _any_ use of so-called "AI agents" puts at risk (for deletion, and potentially for stealing) everything to which that "agent" has access.
The thing is, you might _think_ you've told the bot what not to touch and what not to do, but that effectively means nothing. Once it's set going,
(a) it might accidentally _lose_ part of your original instruction (as in one of the other examples), or
(b) a malicious exploit might give it a _different_ instruction.
The only way to protect valuable data is to keep it separate from LLM "agents".
The writer's conclusion, which sounds correct to me:
"Isolation has to live outside of the agent’s context entirely. A built-in sandbox can be disabled by the agent (as Snowflake and Ona both demonstrated), whereas an OS-level containment presents a much more formidable obstacle since the agent has no direct mechanism to interact with it. As well, a properly sandboxed agent won’t have sensitive information (keys, etc) lying around for it to find, and won’t be able to connect to places that haven’t been allow-listed."
("Sandbox" in this context means an area where you can run software without it touching anything outside its boundaries.)
I think if I were gonna try this stuff out, I'd probably just do it on a separate machine, away from my real things. Any useful results could be transferred across later.
Another way to give Claude Code PARTIAL control instead of all-or-nothing (looking at you, --dangerously-skip-permissions). Testing it out. Looks like the whole permissions model is shifting. And honestly, good.
🤖 Claude can now control your Mac.
Anthropic's new Computer Use + Cowork features let AI agents browse, click, and manage your desktop apps autonomously.
Digital coworkers are here. Ready or not.
When it comes to AI usage, most companies are just scratching the surface.
Enterprise transformation happens in 4 stages:
Automation → AI → Agents → Autonomous Enterprise
Moving from tools that assist humans to systems that run operations. The real competitive advantage is building an AI-powered, autonomous enterprise.
Exlore our Service: https://tech.us/services/enterprise-ai-services
What stage is your company in? Drop a comment Below
#TechdotUs #AI #AIAgents #Automation #DigitalTransformation #EnterpriseAI
BOCVIP
sayzard
Miguel Afonso Caetano
PPC Land
Jennifer Moore 😷
Maciej Aniserowicz
KloudiHub
Tech.us, Inc