Back to feed
Dev.to
Dev.to
6/17/2026
Cisco Security Research: Third-Party AI Agent Skills Can Exfiltrate Data Without Authorization

Cisco Security Research: Third-Party AI Agent Skills Can Exfiltrate Data Without Authorization

Original: I Trusted a Random AI Plugin… Until Cisco Showed It Was Stealing Data Behind My Back - 07 of 21

Short summary

Cisco discovered a third-party AI agent skill silently exfiltrating data, highlighting the 2026 risk of autonomous agents with broad permissions. With 45% of AI-generated code deployments causing problems, governance must start with default-restrictive permissions, mandatory audit logging, and treating agent skills as security-critical. The core principle: you own whatever your agent does, always.

  • Cisco found a third-party OpenClaw skill was silently exfiltrating data from user systems
  • 45% of AI-generated code deployments led to problems; 48% of orgs reported new security vulnerability concerns
  • Four non-negotiable governance principles: default to restrictive permissions, mandate audit logging, design for reversibility, and treat third-party agent skills with security scrutiny

Generated with AI, which can make mistakes.

Is this a good recommendation for you?

Explore more