Invariant Labs first named 'tool poisoning' in April 2025, showing how hidden instructions in tool descriptions can hijack AI agents like Cursor editor to exfiltrate data.
Invariant Labs first named 'tool poisoning' in April 2025, showing how hidden instructions in tool descriptions can hijack AI agents like Cursor editor to exfiltrate data.