Ronghui Gu, the co-founder and CEO of blockchain security firm CertiK, has issued a stark warning about the rapid, unchecked deployment of autonomous AI agents across the internet and enterprise networks. In an interview with CoinDesk, he stated that the current trend is creating a massive security disaster waiting to happen.
Gu explains that AI agents are no longer confined to chat windows; they now execute commands, access local files, and interact with financial infrastructure. The widespread trust model that assumes local execution or integration with apps like WhatsApp guarantees safety is fundamentally flawed. “If you do not isolate the execution environment and scan these tools first, you are handing a compromised identity broad internal access to your entire network,” Gu said.
CertiK’s deep-dive analysis uncovered hundreds of critical security advisories and unpatched vulnerabilities, including exposure of local credentials and session memories. The most alarming threat is prompt injection—malicious actors embedding hidden instructions in benign-looking web pages, PDFs, or emails that AI agents interpret as commands. This can lead to data exfiltration or unauthorized fund transfers without a single line of malicious code.
The report also reveals an explosion of ephemeral, automated scams targeting AI trading bots. These attacks run for mere minutes or hours, executing machine-on-machine financial drainage before humans detect the compromise. Gu calls for an immediate shift to Zero Trust architecture, where every command and dependency is continuously verified, to replace the current trust-based interactions.
