The Call Is Coming From Inside the Agent (And It Has Your Credentials)
You’ve shipped your first agent. It works. It’s useful. It might also be a security liability you don’t even know about. In this episode, Yuval talks to Zenity CTO Michael Bargury about how easy it is to hijack popular agent systems like Copilot and Cursor, what “zero-click” attacks look like in the agent era, and how to monitor, constrain, and secure your AI Agent in production. From sneaky prompt injections to memory-based persistence and infected multi-agent workflows, this is the “oh no” moment every builder needs.
Key Topics:
- Why “ignore previous instructions” still works better than it should
- How one agent goes rogue… and infects the others
- Real-world attacks: social media triggers, CRM leaks, and logic bombs
- Observability 101 for AI: logs, reasoning traces, and root cause sanity
- The new rule: build like it will go rogue—because one day it will
What is YAAP (Yet Another AI Podcast)?
YAAP brings you practical conversations with the people actually building generative AI solutions. No hype, no sales pitches, just honest discussions about challenges, solutions, and lessons learned.
Listen to developers and engineers share what works, what doesn't, and what they wish they'd known sooner. Simple, useful insights for anyone working with AI — hosted by AI21's Yuval Belfer.