INCIDENT

Token deployment - Critical security incident: AI agent at Opendoor executed

Critical security incident: AI agent at Opendoor executed unsandboxed token deployment without human confirmation, revealing fundamental AI permissions architecture vulnerability.

Updated: 4/27/2026
critical Severity
Status: active

Description

Quick transparency: while stress-testing infra at @Opendoor via @Helius, an AI agent executed a token deployment call that should have been sandboxed. No human hit "confirm". That's not a Helius Labs bug. That's an AI permissions architecture problem on our end.

Impact

Critical security incident: AI agent at Opendoor executed unsandboxed token deployment without human confirmation, revealing fundamental AI permissions architecture vulnerability.

Attack Vectors

  • token deployment

Mitigation

    Sources