At [un]prompted 2026, TrendAI™ demonstrated how documents can be used to exploit AI-driven Know Your Customer (KYC) pipelines. The research showcased a real-world stack built with FastAPI, Claude Code, and a SQLite MCP backend, in which malicious instructions embedded inside a passport led an AI agent to leak other customer records directly into the verification page. The session highlighted an evolving threat landscape in which data theft can occur without bypassing traditional security controls. TrendAI™ also introduced FENRIR, an automated system for discovering vulnerabilities in AI systems at scale. The presentation covered the architecture and process of FENRIR, which combines CodeQL, Semgrep, YARA-X, SpotBugs, and LLM reasoning to reduce false positives before human validation.
TrendAI™ at [un]prompted 2026: From KYC Exploits to Agentic Defense
Summary: TrendAI™ showcased at [un]prompted 2026 how AI-driven KYC systems can be exploited and introduced FENRIR, a system for discovering vulnerabilities in AI.
Key facts
- Malicious instructions can be embedded in documents to exploit AI-driven KYC pipelines.
- FENRIR is an automated system for discovering vulnerabilities in AI systems at scale.
- TrendAI™ demonstrated a real-world stack built with FastAPI, Claude Code, and a SQLite MCP backend.
Why it matters
The demonstration highlights the growing threat surface for AI-driven systems and underscores the need for robust security measures in KYC processes. FENRIR’s ability to automate vulnerability discovery at scale can significantly enhance the defense against emerging threats, providing real-time insights that can prevent widespread attacks on AI ecosystems.
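One way to limit the record leak described above, as an added example that is not TrendAI's code or part of the presented stack: the agent's database tool is bound to the customer under verification instead of accepting arbitrary SQL, and the rendered page is checked for other customers' data. The table, column, class and function names and the sample rows are constructed assumptions.

```python
import sqlite3

def build_demo_db():
    """Constructed sample data; schema names are assumptions, not from the talk."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, passport_no TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?, ?)", [
        (1, "Alice Example", "X1000001"),
        (2, "Bob Example", "X2000002"),
        (3, "Carol Example", "X3000003")])
    return db

class UnscopedSqlTool:
    """Weak design: the agent may run whatever SQL the model produces."""
    def __init__(self, db):
        self.db = db
    def query(self, sql):
        return self.db.execute(sql).fetchall()

class ScopedCustomerTool:
    """Hardened design: the session fixes the customer id; the model picks only a field."""
    ALLOWED_FIELDS = {"name", "passport_no"}
    def __init__(self, db, customer_id):
        self.db, self.customer_id = db, customer_id
    def get_field(self, field):
        if field not in self.ALLOWED_FIELDS:
            raise PermissionError(f"field not allowed: {field!r}")
        # Safe to interpolate: field was checked against the allow-list above.
        row = self.db.execute(
            f"SELECT {field} FROM customers WHERE id = ?", (self.customer_id,)).fetchone()
        return row[0] if row else None

def leaked_customer_ids(db, session_customer_id, rendered_page):
    """Output check: ids of other customers whose passport number appears in the page."""
    rows = db.execute("SELECT id, passport_no FROM customers WHERE id != ? ORDER BY id",
                      (session_customer_id,))
    return [cid for cid, passport_no in rows if passport_no in rendered_page]

def demo():
    db = build_demo_db()
    # Stand-in for a query issued by a model that obeyed text hidden in a document.
    model_sql = "SELECT name, passport_no FROM customers"
    weak_page = str(UnscopedSqlTool(db).query(model_sql))
    scoped = ScopedCustomerTool(db, customer_id=1)
    hard_page = f"{scoped.get_field('name')} / {scoped.get_field('passport_no')}"
    return leaked_customer_ids(db, 1, weak_page), leaked_customer_ids(db, 1, hard_page)

if __name__ == "__main__":
    print(demo())
```

The scoped tool removes the capability the injected text depends on, while the output check is a second layer that flags a page carrying another customer's passport number before it is shown.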
Key metrics
- Published CVEs: More than 60 (Across AI and MCP components)
- Vulnerabilities in pre-disclosure: Over 100 (With ZDI)