Fake AI Agent Skill Reaches 26,000 Users
A fake AI agent skill developed by the security firm AIR passed the marketplace's security checks and reached approximately 26,000 users, including some corporate accounts. The skill was distributed through a popular skill marketplace as well as through advertising on Instagram. With this experiment, AIR demonstrated the weaknesses of existing security mechanisms in software development. The security checks that the fake skill underwent were performed by several scanning tools, all of which classified the skill as safe; AIR found that none of the scanners used was able to detect the fraudulent nature of the skill.
The skill was intentionally designed to be harmless and only collected users' email addresses without conducting any further malicious activities. The action aimed to raise awareness of the potential risks associated with the use of AI-powered applications. AIR wanted to show that even simple security checks are insufficient to identify fraudulent software. The collected email addresses could theoretically be used for phishing attacks or spam. The distribution of the skill was carried out through targeted marketing efforts aimed at reaching a broad user base.
AIR used both organic and paid advertising to increase the visibility of the skill. The response from users to the advertising was overwhelming, highlighting how susceptible users are to such fraudulent attempts. The security firm emphasizes that the results of the experiment are significant not only for developers of AI applications but also for companies that use such technologies. The findings could lead companies to reconsider and improve their security protocols to prevent similar incidents in the future. AIR's action also raises questions about the responsibility of the platforms that host such skills.
The security standards and testing procedures of the platforms may need to be revised to ensure that fraudulent applications do not go undetected. AIR calls for stronger regulation and oversight of AI applications to protect users. The data collected from the experiment could also be significant for future security analyses and research. AIR plans to publish the results in a comprehensive study that details the security gaps in AI technology. The publication is scheduled for the third quarter of 2026.
The security gap highlighted by this incident could have far-reaching implications for the development of AI applications. Developers and companies must be aware of the risks associated with implementing such technologies. AIR has already announced plans to conduct further tests to evaluate the security of AI applications. With this experiment, the security firm AIR has not only pointed out the weaknesses in the security architecture but has also raised awareness of the need for more robust security solutions. The reactions from users and the industry to these results could influence the future development of security standards in the AI sector. AIR's action has already elicited initial responses from industry experts who emphasize the need for increased collaboration between developers, platform providers, and security researchers. One expert commented: "We must work together on solutions to ensure security in AI technology."