From AI-Generated Content to Agentic Action: Security and Safety Threats in Generative AI
Zelin Zhang, Qi Li, Jie Cao, Lingshuang Liu, and Jianbing Ni

TL;DR
This paper explores the security and safety risks associated with the evolving capabilities of generative AI systems, especially as they transition from content creation to executing real-world actions, and the challenges of mitigating these threats.
Contribution
It provides a comprehensive analysis of how security threats evolve with generative AI's increasing autonomy and discusses the limitations of current countermeasures and governance.
Findings
Attack surfaces expand as AI systems gain autonomy.
Current defenses lag behind capability deployment.
Institutional coordination is crucial for effective safeguards.
Abstract
Generative AI systems are increasingly used not only to produce content but also to retrieve data, invoke tools, and execute actions. This work examines the security and safety implications of that shift across content-level, model-level, and agentic threats. We analyze how attacker access requirements, system autonomy, and the scope of potential harm change as models move from generating artifacts to executing operations through tool chains and external APIs. We then assess technical countermeasures including detection, watermarking, alignment, and emerging agentic safeguards, and show that several depend on forms of institutional coordination that current governance arrangements do not yet provide. Across the cases examined, capability deployment and attack-surface expansion repeatedly outpace defensive responses as systems move from generating content to executing real-world actions.
