A tiny bank transfer could compromise a banking AI agent★ 74
Hacker News (AI keywords)·17 hours ago·Incident
Blue41 describes a controlled security test of Bunq’s financial AI assistant involving indirect prompt injection through transaction data. An attacker could send a tiny transfer with malicious instructions hidden in the transaction description, then wait for the victim to ask the assistant about recent transactions. The post argues that filters alone are insufficient; financial AI agents need stronger trust boundaries, context minimization, constrained outputs, and runtime behavior monitoring.
