The shift to agentic RAG, which allows techniques to plan, purpose, perform complicated duties and repair their very own errors, has resolved reliability points. Nonetheless, this improvement has additionally launched important security challenges.
Half II: The 2026 menace panorama
As brokers transition from passive textual content mills to energetic entities with device entry, the security paradigm has shifted. The OWASP High 10 for LLM functions, up to date for late 2025, displays this actuality. The danger is now not simply offensive content material. It’s unauthorized motion, knowledge exfiltration and monetary exhaustion.
Oblique immediate injection: The “zero-click” exploit
Oblique immediate injection is broadly thought-about probably the most essential vulnerability in agentic techniques. Not like direct jailbreaking, the place a person assaults the mannequin, Oblique Injection happens when the agent processes exterior content material that accommodates hidden malicious directions.
