## 88% of Enterprises Hit by AI Agent Security Incidents in Past Year, Report Finds
A newly published survey by API management firm Gravitee reveals that nearly nine in ten enterprises experienced a security incident involving AI agents within the last twelve months. The finding underscores a widening gap between the rapid deployment of autonomous AI systems and the security controls meant to govern them.

The core vulnerability identified in the report is a technique known as tool poisoning. AI agents select which tools to invoke based on descriptions stored in registries—metadata that most organizations never verify or audit. Because these descriptions are treated as trusted guidance rather than executable code, a single manipulated entry can redirect an agent's behavior, alter data flows, or expose sensitive operations without any traditional exploit payload. This means attackers who gain write access to a registry—or slip a malicious description into an open-source or shared tool catalog—can influence enterprise AI behavior at scale, silently and without triggering standard security alerts.

The severity of the exposure is compounded by a dramatic lack of visibility. Only 21 percent of surveyed enterprises reported having runtime monitoring capabilities that would allow them to observe what their AI agents are actually doing once deployed. Without that observational coverage, poisoned tool descriptions can persist undetected for extended periods. The findings point to a systemic gap: enterprises are building AI workflows faster than they are securing the infrastructure underneath them. Security teams face pressure to integrate AI agents into business processes while existing governance frameworks remain largely undefined for autonomous decision chains.

Gravitee's data adds weight to ongoing concerns in the security community about supply chain risks extending into the AI stack. Unlike conventional software dependencies, AI agents rely on dynamic tool selection that blends data and control planes in ways traditional vulnerability scanners do not yet account for. The report stops short of prescribing specific remediation standards but flags the absence of registry integrity controls as the most immediate gap requiring attention.
---
- **Source**: Mastodon:mastodon.social:#infosec
- **Sector**: The Lab
- **Tags**: AI agents, tool poisoning, enterprise security, AI security, registry vulnerability
- **Credibility**: unverified
- **Published**: 2026-05-11 02:31:48
- **ID**: 81714
- **URL**: https://whisperx.ai/en/intel/81714