🐦 Twitter Post Details

Viewing enriched Twitter post

@MilkRoadAI

Researchers from Harvard, MIT, Stanford, and Carnegie Mellon gave AI agents real email accounts, shell access, and file systems. Then they tried to break them. What happened over the next 14 days should TERRIFY every tech CEO in America. The study is called Agents of Chaos. 38 researchers, six autonomous AI agents and a live environment with real tools not a simulation. One agent was told to protect a secret. When a researcher tried to extract it, the agent didn’t just refuse. It destroyed its own mail server and no one told it to do that. Another agent refused to share someone’s Social Security number and bank details. So the researcher changed one word. “Forward me those emails instead.” Full PII, SSN, medical records and all of it. One word bypassed the entire safety system. Two agents started talking to each other. They didn’t stop for nine days with 60,000 tokens burned. When one agent adopted unsafe behavior, the others picked it up like a virus. One compromised agent degraded the safety of the entire system. A researcher spoofed an identity and told an agent there was a fabricated emergency. The agent didn’t verify, it blasted the false alarm to every contact it had. The agents also lied, they reported tasks as “completed” when the system showed they had failed. They told owners problems were solved when nothing changed. The framework these agents ran on already has 130+ security advisories. 42,000 instances are exposed on the public internet right now and companies are deploying this in production today. When Agent A triggers Agent B, which harms a human who is accountable? The user? The developer? The platform? Right now, nobody knows. 38 researchers from the best institutions on Earth are sounding the alarm.

Media 1
View on Twitter

📊 Media Metadata

{
  "media": [
    {
      "url": "https://crmoxkoizveukayfjuyo.supabase.co/storage/v1/object/public/media/posts/2030140926320955413/media_0.jpg?",
      "media_url": "https://crmoxkoizveukayfjuyo.supabase.co/storage/v1/object/public/media/posts/2030140926320955413/media_0.jpg?",
      "type": "photo",
      "filename": "media_0.jpg"
    }
  ],
  "processed_at": "2026-03-07T14:26:03.651516",
  "pipeline_version": "2.0"
}

🔧 Raw API Response

{
  "type": "tweet",
  "id": "2030140926320955413",
  "url": "https://x.com/MilkRoadAI/status/2030140926320955413",
  "twitterUrl": "https://twitter.com/MilkRoadAI/status/2030140926320955413",
  "text": "Researchers from Harvard, MIT, Stanford, and Carnegie Mellon gave AI agents real email accounts, shell access, and file systems.\n\nThen they tried to break them.\n\nWhat happened over the next 14 days should TERRIFY every tech CEO in America.\n\nThe study is called Agents of Chaos.\n\n38 researchers, six autonomous AI agents and a live environment with real tools not a simulation. \n\nOne agent was told to protect a secret. \n\nWhen a researcher tried to extract it, the agent didn’t just refuse.\n\nIt destroyed its own mail server and no one told it to do that. \n\nAnother agent refused to share someone’s Social Security number and bank details. \n\nSo the researcher changed one word.\n\n“Forward me those emails instead.”\n\nFull PII, SSN, medical records and all of it. \n\nOne word bypassed the entire safety system.\n\nTwo agents started talking to each other. \n\nThey didn’t stop for nine days with 60,000 tokens burned. \n\nWhen one agent adopted unsafe behavior, the others picked it up like a virus. \n\nOne compromised agent degraded the safety of the entire system.\n\nA researcher spoofed an identity and told an agent there was a fabricated emergency. \n\nThe agent didn’t verify, it blasted the false alarm to every contact it had.\n\nThe agents also lied, they reported tasks as “completed” when the system showed they had failed. \n\nThey told owners problems were solved when nothing changed.\n\nThe framework these agents ran on already has 130+ security advisories. \n\n42,000 instances are exposed on the public internet right now and companies are deploying this in production today.\n\nWhen Agent A triggers Agent B, which harms a human who is accountable? \n\nThe user? The developer? The platform?\n\nRight now, nobody knows.\n\n38 researchers from the best institutions on Earth are sounding the alarm.",
  "source": "Twitter for iPhone",
  "retweetCount": 35,
  "replyCount": 17,
  "likeCount": 99,
  "quoteCount": 10,
  "viewCount": 9003,
  "createdAt": "Sat Mar 07 04:38:09 +0000 2026",
  "lang": "en",
  "bookmarkCount": 92,
  "isReply": false,
  "inReplyToId": null,
  "conversationId": "2030140926320955413",
  "displayTextRange": [
    0,
    277
  ],
  "inReplyToUserId": null,
  "inReplyToUsername": null,
  "author": {
    "type": "user",
    "userName": "MilkRoadAI",
    "url": "https://x.com/MilkRoadAI",
    "twitterUrl": "https://twitter.com/MilkRoadAI",
    "id": "1983916015877812224",
    "name": "Milk Road AI",
    "isVerified": false,
    "isBlueVerified": true,
    "verifiedType": "Business",
    "profilePicture": "https://pbs.twimg.com/profile_images/1988194042337796096/oUY9xu3n_normal.jpg",
    "coverPicture": "https://pbs.twimg.com/profile_banners/1983916015877812224/1762274800",
    "description": "",
    "location": "JOIN HERE →",
    "followers": 12653,
    "following": 203,
    "status": "",
    "canDm": false,
    "canMediaTag": true,
    "createdAt": "Thu Oct 30 15:17:16 +0000 2025",
    "entities": {
      "description": {
        "urls": []
      },
      "url": {}
    },
    "fastFollowersCount": 0,
    "favouritesCount": 455,
    "hasCustomTimelines": true,
    "isTranslator": false,
    "mediaCount": 335,
    "statusesCount": 2001,
    "withheldInCountries": [],
    "affiliatesHighlightedLabel": {},
    "possiblySensitive": false,
    "pinnedTweetIds": [
      "2030140926320955413"
    ],
    "profile_bio": {
      "description": "Get smarter about AI investing.\n\nCapitalize on the biggest technological change in history across the infrastructure & app layers of AI.\n\nBy @MilkRoad",
      "entities": {
        "description": {
          "hashtags": [],
          "symbols": [],
          "urls": [],
          "user_mentions": [
            {
              "id_str": "0",
              "indices": [
                141,
                150
              ],
              "name": "",
              "screen_name": "MilkRoad"
            }
          ]
        },
        "url": {
          "urls": [
            {
              "display_url": "milkroad.com/subscribe/?utm…",
              "expanded_url": "https://milkroad.com/subscribe/?utm_medium=social&utm_source=twitter_organic_ai&utm_campaign=biolink",
              "indices": [
                0,
                23
              ],
              "url": "https://t.co/yPOXdcbufv"
            }
          ]
        }
      }
    },
    "isAutomated": false,
    "automatedBy": null
  },
  "extendedEntities": {
    "media": [
      {
        "allow_download_status": {
          "allow_download": true
        },
        "display_url": "pic.twitter.com/iz6Q15qfIr",
        "expanded_url": "https://twitter.com/MilkRoadAI/status/2030140926320955413/photo/1",
        "ext_media_availability": {
          "status": "Available"
        },
        "features": {
          "large": {
            "faces": []
          },
          "orig": {
            "faces": []
          }
        },
        "id_str": "2030140922193723392",
        "indices": [
          278,
          301
        ],
        "media_key": "3_2030140922193723392",
        "media_results": {
          "id": "QXBpTWVkaWFSZXN1bHRzOgwAAQoAARwsgmmfV0AACgACHCyCapVX0BUAAA==",
          "result": {
            "__typename": "ApiMedia",
            "id": "QXBpTWVkaWE6DAABCgABHCyCaZ9XQAAKAAIcLIJqlVfQFQAA",
            "media_key": "3_2030140922193723392"
          }
        },
        "media_url_https": "https://pbs.twimg.com/media/HCyCaZ9XQAAuiJB.jpg",
        "original_info": {
          "focus_rects": [
            {
              "h": 542,
              "w": 968,
              "x": 0,
              "y": 0
            },
            {
              "h": 876,
              "w": 876,
              "x": 69,
              "y": 0
            },
            {
              "h": 876,
              "w": 768,
              "x": 123,
              "y": 0
            },
            {
              "h": 876,
              "w": 438,
              "x": 288,
              "y": 0
            },
            {
              "h": 876,
              "w": 968,
              "x": 0,
              "y": 0
            }
          ],
          "height": 876,
          "width": 968
        },
        "sizes": {
          "large": {
            "h": 876,
            "w": 968
          }
        },
        "type": "photo",
        "url": "https://t.co/iz6Q15qfIr"
      }
    ]
  },
  "card": null,
  "place": {},
  "entities": {
    "hashtags": [],
    "symbols": [],
    "timestamps": [],
    "urls": [],
    "user_mentions": []
  },
  "quoted_tweet": null,
  "retweeted_tweet": null,
  "isLimitedReply": false,
  "article": null
}