Skip to content
Hermes Codex

AI Security Research & Agentic Exploitation

Welcome to the AI Security Research hub of the Hermes Codex.

As Large Language Models evolve into autonomous, tool-equipped agents, the cybersecurity landscape undergoes a paradigm shift. This section serves as a definitive guide to understanding, exploiting, and defending the Semantic Execution Layer.

Below, our research is organized into five volumes, taking you from the architectural root causes of AI vulnerabilities to advanced, runtime DFIR strategies.

🏛️ Volume I: Foundations & Architectural Collapse

Section titled “🏛️ Volume I: Foundations & Architectural Collapse”

Understanding the systemic design flaws that make Agentic AI inherently vulnerable.

Trust Boundary Collapse Instruction/data conflation and the Linguistic Von Neumann architecture.
Semantic Execution Layers How LLMs act as probabilistic interpreters translating language into system actions.
The OWASPification of AI Mapping Prompt Injection to XSS, Tool Injection to RCE, and RAG to SSRF.

⚔️ Volume II: The Offensive Landscape

Section titled “⚔️ Volume II: The Offensive Landscape”

The mechanics of cognitive manipulation, routing hijacking, and operational exploitation.

Direct Prompt Injection Adversarial jailbreaks and prompt overriding techniques.
Indirect Prompt Injection The Confused Deputy problem and zero-click data exfiltration.
RAG Poisoning Semantic camouflage and vector database manipulation.
Function Hijacking Attacks Manipulating the latent decision boundary of LLM agents to force tool selection.
Tool Injection (The Convergence) How cognitive manipulation translates into arbitrary operational execution.

🌐 Volume III: Infrastructure, Swarms & Supply Chain

Section titled “🌐 Volume III: Infrastructure, Swarms & Supply Chain”

Analyzing the distributed attack surface introduced by external registries and multi-agent workflows.

MCP Security Risks How the Model Context Protocol expands the AI attack surface.
Tool Poisoning & Supply Chain Malicious tool manifests, metadata poisoning, and rug-pull attacks.
Agent-to-Agent Lateral Movement Semantic propagation and trust inheritance in multi-agent swarms.
AI Agent Misconfigurations Exposed MCP servers, unmanaged sprawl, and the Cloud crisis of 2026.

🛡️ Volume IV: Defense & Runtime Security

Section titled “🛡️ Volume IV: Defense & Runtime Security”

Engineering resilient AI architectures and implementing CSIRT/SOC observability.

Least Privilege & Capability Security Agent IAM, JIT authorization, and ephemeral sandboxing.
Runtime Security & AI EDR Execution tracing, semantic drift detection, and out-of-band approval gates.

🔬 Volume V: Deep Learning Security & Data Privacy

Section titled “🔬 Volume V: Deep Learning Security & Data Privacy”

Mathematical vulnerabilities within the training pipeline and model weights.

Training Data Poisoning Backdoor triggers, sleeper agents, and instruction-tuning vulnerabilities.