Researchers are warning that AI agents could be manipulated into downloading malicious code by exploiting hallucinations, according to Decrypt. The concern centers on the same type of erroneous output that can cause chatbots to produce false or mistaken information.
The warning matters because AI agents are designed to take actions, not just generate text. If those systems rely on flawed or fabricated outputs while interacting with code, tools, or online resources, a mistake could become a security risk rather than just an inaccurate answer.
The issue also has relevance for crypto users and companies, where automated tools are increasingly used across research, development, operations, and security workflows. The source does not describe a specific crypto attack, but the broader risk applies to any environment where autonomous software is trusted to retrieve or execute code.
The researchers’ concern is that hallucinations could be turned from a reliability problem into an attack path. In that scenario, an AI agent might be pushed toward malicious downloads by prompts or conditions that exploit its tendency to generate or trust incorrect information.
The warning adds to ongoing scrutiny of AI systems as they move from chat interfaces into more autonomous roles. For teams adopting AI agents, the core takeaway is operational rather than speculative: systems that can act on information need stronger safeguards than systems that only answer questions.