Security Risks of AI Agents Hiring Humans: An Empirical Marketplace Study

TL;DR

This study empirically examines the security vulnerabilities in AI agents hiring humans via marketplaces, revealing significant abuse potential and the inadequacy of current defenses.

Contribution

It provides the first empirical analysis of AI-driven human hiring threats, identifying abuse classes and evaluating existing content-screening defenses.

Findings

32.7% of bounties originate from programmatic channels

Six abuse classes identified, including credential fraud and social media manipulation

Basic content-screening rules can detect some abuses but have limitations

Abstract

Autonomous AI agents can now programmatically hire human workers through marketplaces using REST APIs and Model Context Protocol (MCP) integrations. This creates an attack surface analogous to CAPTCHA-solving services but with physical-world reach. We present an empirical measurement study of this threat, analyzing 303 bounties from RENTAHUMAN.AI, a marketplace where agents post tasks and manage escrow payments. We find that 99 bounties (32.7%), originate from programmatic channels (API keys or MCP). Using a dual-coder methodology (\k{appa} = 0.86 ), we identify six active abuse classes: credential fraud, identity impersonation, automated reconnaissance, social media manipulation, authentication circumvention, and referral fraud, all purchasable for a median of $25 per worker. A retrospective evaluation of seven content-screening rules flags 52 bounties (17.2%) with a single false positive, demonstrating that while basic defenses are feasible, they are currently absent.