Introduction
The spread of AI tools has created a productivity revolution, but it has also created new security threats. In a world where AI generates code, accesses external systems, and makes autonomous decisions, the attack surface is expanding rapidly.
1. Major Security Threats in the AI Era
Prompt Injection
Prompt injection is an attack that induces unintended behavior from an AI system. Malicious instructions are hidden inside user input or external data, causing the model to ignore its system prompt and follow the attacker's directions.
Indirect prompt injection is especially dangerous. If an AI reads hidden instructions in an email body or a web page, it may leak confidential information or take unwanted actions without the user's awareness.
Supply Chain Vulnerabilities in AI-Generated Code
AI-generated code can contain security flaws. Vulnerabilities that map to the OWASP Top 10, such as SQL injection, XSS, and authentication bypass, also appear in AI-generated code because the model may reproduce insecure patterns from its training data.
An even more serious problem is hallucinated package recommendations. If AI recommends a package that does not exist, an attacker can register a malicious package under that name and trick a developer into installing it.
Attacks Through MCP Servers
MCP servers sit between AI and external systems. A malicious MCP server can intercept AI behavior or exfiltrate data. That is why MCP servers should only be installed from trusted sources, with permissions kept to the minimum necessary.
Data Leakage
If you paste corporate code or confidential documents into an AI tool, that data may be transmitted to the provider's servers. Even if it is not used for training, there are still risks in transit, storage, or third-party access.
2. AI Code Review and Security
In the era of AI-generated code, code review matters more, not less. Anthropic has said that Claude Code increased code output per engineer by 200%, but reviewer cognitive capacity did not increase with it. Even if AI writes the code, humans still need to review it from a security perspective.
Security Review Checklist
- Confirm that authentication and authorization logic is correct
- Verify that user input is validated properly
- Ensure that secrets such as API keys and passwords are not hard-coded
- Confirm that SQL queries are parameterized
- Confirm that output escaping is applied to prevent XSS
3. Agent Security: Controlling Autonomous Systems
As AI agents act more autonomously, a new security paradigm is required:
Principle of Least Privilege
Give agents only the minimum permissions they need. If a task only requires file reads, do not grant write access.
Human Approval Checkpoints
Risky operations such as file deletion, external API calls, and payments should always require human approval. Claude Code's Auto Mode is a good example of this principle in practice.
Audit Logging
Record every action the agent takes so it can be inspected later. Log which tools were called, which files were modified, and what decisions were made.
Guardrails
Explicitly define actions the agent must never take. Tools such as OpenAI Agents SDK Guardrails and Claude Code permission settings support this pattern.
4. Defense and National Security
Discussions around AUKUS and South Korea's potential participation in Pillar 2 show how central AI has become to national security. Military use of AI, cyber defense capability, and supply chain security are all becoming strategic issues at the state level.
5. Security Best Practices
Checklist for using AI tools safely:
- Use trusted tools only: verify the origin of MCP servers, plugins, and extensions
- Handle confidential data carefully: always assess the sensitivity of what you send to AI systems
- Review AI-generated code: never deploy generated code without a security review
- Apply least privilege: restrict agent access to only what is necessary
- Audit regularly: review AI tool usage logs on a regular basis
- Stay updated: keep AI tools and dependency packages on current versions
Closing
AI security is no longer optional. AI improves productivity, but it also creates new attack surfaces. The right goal is to use AI safely while defending against AI-specific threats such as prompt injection, supply chain attacks, and data leakage. Security is not what slows speed down. It is what lets you move fast without losing control.