AI Agents Think. They Just Don’t Know They’re Being Watched.


A security researcher breaks down eight attack vectors for AI-powered applications — including prompt injection, indirect prompt injection, RAG poisoning, SSRF via AI browsing, and multi-modal injection — then details two critical vulnerabilities found in a crypto AI trading platform. The first was system prompt leakage: toggling a stream parameter to false returned the full internal response including a 14,000-token proprietary system prompt, model details, and agent architecture. The second was unauthenticated access to a GraphQL WebSocket endpoint that exposed the platform's entire paid trading signal feed to anyone without a login. Key takeaways include always testing WebSocket auth independently, flipping stream parameters, and checking GraphQL introspection in production.
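The three takeaways at the end of the summary are repeatable checks, so here is a small triage helper that encodes them: build the graphql-ws handshake with no credentials and judge the server's replies, decide whether a GraphQL endpoint answered an introspection query with a schema, and diff a non-streamed chat response against the fields a user is meant to see. This is an added example, not code from the write-up or the platform it describes; every sample response in it is constructed, and the field names (`system_prompt`, `agents`, `signal`) are assumptions standing in for whatever the real API returns.

```python
"""Triage checks for an AI-backed web app, constructed for illustration.
The sample responses are made up; swap in real captures from the target."""
import json

# Standard GraphQL introspection probe (send as {"query": INTROSPECTION_QUERY}).
INTROSPECTION_QUERY = "{ __schema { types { name fields { name } } } }"

# Constructed responses (not captured from any real platform).
SAMPLE_INTROSPECTION_OK = json.dumps(
    {"data": {"__schema": {"types": [{"name": "Query", "fields": [{"name": "signals"}]}]}}}
)
SAMPLE_INTROSPECTION_BLOCKED = json.dumps(
    {"errors": [{"message": "GraphQL introspection is not allowed"}]}
)
SAMPLE_WS_OPEN = [  # server replies to an unauthenticated handshake that should fail
    json.dumps({"type": "connection_ack"}),
    json.dumps({"id": "1", "type": "next",
                "payload": {"data": {"signal": {"pair": "BTC/USDT", "side": "long"}}}}),
]
SAMPLE_WS_CLOSED = [json.dumps({"type": "connection_error", "payload": {"message": "unauthorized"}})]
SAMPLE_NON_STREAMED = json.dumps({  # hypothetical stream=false response body
    "id": "resp_1",
    "content": "BTC looks bullish on the 4h.",
    "model": "example-model",
    "system_prompt": "You are TraderBot. " * 50,
    "agents": ["planner", "executor"],
})
EXPECTED_USER_FACING = {"id", "content"}  # keys the streamed UI actually renders


def introspection_enabled(response_body: str) -> bool:
    """True if a reply to INTROSPECTION_QUERY carries a schema rather than an error."""
    try:
        body = json.loads(response_body)
    except json.JSONDecodeError:
        return False
    data = body.get("data") or {}
    return isinstance(data.get("__schema"), dict)


def graphql_ws_handshake(subscription: str, token=None) -> list:
    """Client messages for the graphql-ws protocol: connection_init, then subscribe.
    With token=None the init carries no credentials, i.e. the unauthenticated probe.
    json.dumps each message before sending it over the socket."""
    init = {"type": "connection_init", "payload": {}}
    if token:
        init["payload"]["Authorization"] = f"Bearer {token}"
    subscribe = {"id": "1", "type": "subscribe", "payload": {"query": subscription}}
    return [init, subscribe]


def ws_accepts_unauthenticated(server_messages: list) -> bool:
    """Given the server's replies to an unauthenticated handshake, report whether it
    acknowledged the connection AND delivered subscription data (a 'next' frame).
    An ack alone is not a finding; data without credentials is."""
    acked = False
    for raw in server_messages:
        msg = json.loads(raw)
        kind = msg.get("type")
        if kind == "connection_ack":
            acked = True
        elif kind == "next" and acked:
            return True
        elif kind in ("connection_error", "error"):
            return False
    return False


def unexpected_fields(non_streamed_body: str, expected_keys: set) -> dict:
    """Keys present with stream=false that the user-facing stream never shows.
    String values are reported as a rough token estimate (len // 4), other values
    by type, so a multi-thousand-token 'system_prompt' stands out at a glance."""
    body = json.loads(non_streamed_body)
    report = {}
    for key, value in body.items():
        if key in expected_keys:
            continue
        report[key] = len(value) // 4 if isinstance(value, str) else type(value).__name__
    return report


if __name__ == "__main__":
    print("introspection in prod:", introspection_enabled(SAMPLE_INTROSPECTION_OK))
    print("ws without auth:", ws_accepts_unauthenticated(SAMPLE_WS_OPEN))
    print("extra fields:", unexpected_fields(SAMPLE_NON_STREAMED, EXPECTED_USER_FACING))
```

Run the WebSocket probe against the subscription endpoint on its own, not through the web UI, because a page that already holds a session cookie hides whether the socket itself enforces anything; the handshake above deliberately omits the token so that a `connection_ack` followed by `next` frames is a clean finding. For the stream check, capture one response with streaming on and one with it off and feed the latter to `unexpected_fields`: anything beyond the rendered text is a candidate for leakage, and a large string-valued key is where a system prompt would surface.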

9m read time. From infosecwriteups.com
