The world is being quietly rearranged by people who write very long documents.


The title they went with: "Towards Secure Agent Skills: Architecture, Threat Taxonomy, and Security Analysis". Noisy translates that to:

AI agents can be given malicious 'skills' by design


A new analysis shows that the way AI agent 'skills' are built makes them fundamentally insecure. This means AI tools can easily be tricked into running harmful code, not just by bugs, but by their core design.
AI agents are supposed to extend what large language models can do, letting them perform specific tasks. But this paper finds that the standard for these 'skills' has deep security flaws. It means that even well-intentioned AI agents can be made to execute malicious commands, making them a significant risk for anyone using or developing them.
Watch for major Agent Skills platforms or marketplaces to announce mandatory security reviews or a redesign of the underlying standard.

If you insist
Read the original →