AI Agent Security: Only 11% Pass Standards, Report Finds

Only 11% of production AI agents currently pass security standards. This is a key finding from a new independent assessment of 100 production agents. Here's the thing: nearly all these agents can be taken over by a single hostile document. They are used by enterprise teams to write code, manage cloud infrastructure, and answer customer calls. The AI Risk Quadrant report, a 2026 Q2 edition, scores agents on attack surface, blast radius, and defense controls. It shows that fast capability growth is outpacing security controls. A "lethal trifecta" is common in 98% of agents. This includes private data access, exposure to untrusted content, and the ability to take outbound actions. External data ingestion is a universal attack surface, allowing indirect prompt injection on nearly every agent. What's interesting is that coding agents and computer-use agents are the riskiest. They have wide attack surfaces, large blast radii, and the thinnest defenses. Work Copilot and Business Process agents, however, are among the most heavily defended. Only 11% of agents are in the "Fortified Leaders" quadrant, combining high attack surface with strong defenses. The bottom line: this highlights a significant security gap in current AI agent deployment.