L

Learn AI

Track progress · learn offline

Open

Lesson 1 of 8

AI's new attack surface

6 min read

A search engine just answers. An AI assistant reads your files, browses the web, and acts for you — so a trick or a slip can do real damage. Security here isn't paranoia; it's part of using the tool well.

It reads everything as instructions

An assistant can't cleanly separate your orders from text it happens to read — a web page, an email, a document. It all arrives as one stream of words, and the model treats the whole thing as something to act on. That opening is called prompt injection.

The core shift: the AI acts on text from sources you don't control, mixed in with your own.

Three places things go wrong

Risk lives in three spots: what goes in (your prompt and the content it reads), what it does (tools, actions, memory), and what comes out (answers you might trust too much). Every lesson here maps to one of the three.

Input, action, output — most AI risks are a version of one of these three.

None of this means AI is unsafe to use. It means using it well includes a little awareness — the same way you already glance at a link before clicking.

What to carry forward

Why is an AI assistant a bigger security question than a plain search box?

Continue in the app

Take the whole AI Security for Everyone course — tracked

Get your personalized path, progress and streaks in the app — this lesson and every next one, in order.