◈ AI Security Intelligence ← All terms
Concept  ·  Glossary

Lethal trifecta (AI agents)

Definition
A risk condition identified by the Cloud Security Alliance where an AI agent simultaneously has three dangerous properties: access to sensitive data, the ability to receive instructions from untrusted external sources, and the ability to take actions in the outside world (e.g. send emails, call APIs). Any agent with all three conditions is highly vulnerable to being manipulated into causing serious harm.
Why it matters
Research found that 98% of production AI agents already carry all three conditions, yet only 11% have adequate defences. This means the vast majority of deployed enterprise agents are structurally one crafted malicious input away from a significant incident.
Demonstrated by recent findings
CSA Labs: AI Agent Lethal Trifecta — 98% of Production Agents Simultaneously Combine Sensitive Data Access, Untrusted Input, and Outbound Action CapabilityCSA / Adversa AI AIRQ Report: 98% of Production AI Agents Carry the Lethal Trifecta — Only 11% Adequately DefendedGitInject: Multi-University Research Confirms All Major AI CI/CD Providers Vulnerable to Prompt Injection — Eleven Named Attack Classes Documented
References
CSA AI Agent Lethal Trifecta Report
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →