
CX Today
What Moltbook Reveals About the Hidden Security Risks of Autonomous AI Agents
Feb 25, 2026
Ali Sarrafi, CEO and founder of Kovant and former AI lead at Spotify, specializes in safe AI deployment for enterprises. He discusses how autonomous agents shift cybersecurity toward social-engineering-style risks. He highlights agents acting correctly in the wrong context, the gap between consumer scams and enterprise disasters, and the need for governance-by-design and external controls.
AI Snips
Agents Are The New Social Engineering Threat
- Autonomous agents become a new vector for social engineering rather than traditional deterministic software bugs.
- Ali Sarrafi explains that agents mimic human behavior and can be manipulated in unpredictable ways, opening broad new security angles like prompt injection.
Correct Actions In Wrong Context Cause Failures
- Many security problems arise when agents perform correct actions in the wrong context because they have excessive access.
- Sarrafi gives the flight-booking example and warns that guardrails must live outside agents to prevent accidental or injected actions.
Gandalf Game Reveals Prompt Injection Risks
- Sarrafi points to an online game called Gandalf that tests prompt injection as a way to trick agents into revealing passwords.
- He uses it as a concrete demonstration that agents can be socially engineered to leak credentials.
