Security of 100 AI Agents Tested and Ranked – What You Need to Know

AI is our new leader. We just accept and do what it tells us. Maybe we should be a bit more circumspect.

Concern over the performance of AI agents has been constant, ranging from ‘leaky’ to just plain wrong decision-making. Since the pressure to use more agents more autonomously because of supercharged AI-assisted attacks is now constant, Adversa AI’s decision to measure and compare the performance and security of 100 agents across ten categories is welcome.

But the results are not. Of the 100 agents tested, and positioned within a new AI Risk Quadrant, only 11 are categorized as ‘capable well-defended’.

The root problem is the AI agent ‘lethal trifecta’, which Adversa describes as ‘private data access + exposure to untrusted content + ability for outbound actions’. This translates directly into the standard lethal trifecta of too much power + too much trust + too little control’.

Since all three parts of this trifecta are necessary for an AI agent to achieve its goal, capability and security will always be a big ask. Ninety-eight percent of the agents have this trifecta, so it is no surprise to learn – but still shocking to hear – that so few are both capable (useful) and defendable (secure).