
AI + a16z Why Social Engineering Now Works on Machines
Dec 2, 2025
Ian Webster, Founder and CEO of PromptFoo, shares insights from his experience as a former Discord engineer focused on AI agent security. He discusses how the 'lethal trifecta' (untrusted input, sensitive data, and exfiltration) leads to security incidents. Ian highlights the innovative approach of automating red-teaming with thousands of adversarial conversations to expose vulnerabilities. He also recounts lessons learned from building agents at Discord, emphasizing the importance of integrating security into the development process.
Conversation Is The New Attack Surface
- Agent attack surface is conversation, not code, because persuasion works on machines.
- Traditional security (patches, firewalls) fails against social-engineering-style attacks on agents.
Discord Lessons Sparked PromptFoo
- Ian built agents at Discord and spent most effort on security, trust, and safety.
- That experience drove PromptFoo's creation to test agents at scale for data leaks and jailbreaks.
Provide Developer-Friendly Security Tools
- Give developers easy CLI/IDE tools to run security tests locally before deployment.
- Automate embedding of tests into CI/CD and PRs to reduce late-stage scramble.

