Security Considerations for Artificial Intelligence Agents

Li, Zhang, Polley & Ma (2026). Perplexity's formal response to NIST outlines the fundamental ways that agent architectures break classical security assumptions: code-data separation collapses, authority boundaries blur, execution becomes unpredictable. This is required reading for anyone shipping agentic systems — it maps every major attack surface from prompt injection to confused-deputy attacks and proposes a layered defence stack.