OWASP FinBot: Securing AI Agents in Financial Systems

OWASP just launched FinBot, a new platform to help developers and security teams understand and defend against manipulated AI agents. This interactive "capture the flag" environment focuses on vulnerabilities in autonomous AI systems. FinBot simulates a financial services system with AI agents that process invoices, onboard vendors, and detect fraud. Participants can act as a vendor, administrator, or attacker to see how threats emerge. The platform goes beyond traditional chatbot misuse, addressing risks like prompt injection, data exfiltration, and privilege escalation. It shows how malicious instructions can be hidden in documents and later used by AI systems. FinBot also explores supply chain risks. Users can tamper with external tool descriptions to influence AI agent behavior. The platform tracks user progress automatically and detects successful exploits in real-time. This matters because it provides a practical way for developers to learn how to secure the rapidly growing world of AI agents.