Security for Personal AI Assistants

A hands-on, incident-driven guide to securing personal AI assistants and agents that read untrusted inbound messages, act with operator privileges, and run third-party skills — covering prompt injection, identity, sandboxing, secrets, supply chain, the confused deputy problem, and audit logging.

Chapter Guides

  1. 1 The Personal AI Assistant Threat Landscape
  2. 2 Prompt Injection: The Number-One Threat
  3. 3 Defending Against Prompt Injection
  4. 4 Authentication and Identity: Verifying Who Is Talking
  5. 5 Pairing, Allowlisting, and Per-Channel Identity Mapping
  6. 6 Sandboxing and Isolation
  7. 7 Least Privilege and Never Running as Root
  8. 8 Secrets Management
  9. 9 Supply Chain Risk: Vetting Skills and Dependencies
  10. 10 The Confused Deputy Problem
  11. 11 Audit Logging and Forensics
  12. 12 Putting It Together: Threat Modeling and Defense in Depth
  13. 13 Operating Securely: Incident Response and Next Steps