Best Practices For Implementing AI Agents
KnowBe4, March 24, 2026
On March 9th, Codewall.ai disclosed how it had hacked McKinsey & Company's AI platform called Lilli, a purpose-built system for 43,000+ employees to analyze documents, chat, and access decades of proprietary research.
The researchers unleashed an AI agent that quickly scanned 200 endpoints and identified 22 that did not require authentication. It also identified one endpoint that wrote user search queries into a database, with non-parameterized JSON keys concatenated directly into SQL.
What sounds like a potential SQL injection vulnerability turned out to be one, although most normal tools would not have detected it, according to the researchers. Subsequently, the attacker AI got access to millions of chat messages, hundreds of thousands of files, thousands of user accounts and more than 300,000 AI agents, all inside the database.
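The pattern described above, JSON keys concatenated into the statement, shown beside an allowlist fix. This is an added example, not code from Lilli or Codewall.ai; it assumes the values were bound as parameters, and the `searches` table, its columns and all function names are hypothetical.

```python
import json
import sqlite3

# Hypothetical schema: the page does not describe the real table.
ALLOWED_COLUMNS = {"user_id", "query", "source"}


def build_insert_unsafe(payload):
    """Flawed pattern: values are bound, but keys become SQL text."""
    cols = ", ".join(payload.keys())  # caller-controlled identifiers
    marks = ", ".join("?" for _ in payload)
    return f"INSERT INTO searches ({cols}) VALUES ({marks})", list(payload.values())


def build_insert_safe(payload):
    """Only keys on a fixed allowlist may ever reach the statement text."""
    unknown = set(payload) - ALLOWED_COLUMNS
    if unknown:
        raise ValueError(f"unexpected keys: {sorted(unknown)}")
    if not all(isinstance(v, str) for v in payload.values()):
        raise ValueError("values must be strings")
    cols = sorted(payload)  # identifiers now come from the allowlist
    marks = ", ".join("?" for _ in cols)
    sql = f"INSERT INTO searches ({', '.join(cols)}) VALUES ({marks})"
    return sql, [payload[c] for c in cols]


def store_search(conn, raw_json):
    """Parse the request body and insert it using the allowlisted builder."""
    payload = json.loads(raw_json)
    if not isinstance(payload, dict) or not payload:
        raise ValueError("expected a non-empty JSON object")
    sql, params = build_insert_safe(payload)
    return conn.execute(sql, params).lastrowid


def demo_db():
    """In-memory database with the hypothetical table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE searches (id INTEGER PRIMARY KEY,"
        " user_id TEXT, query TEXT, source TEXT)"
    )
    return conn
```

A scanner that only mutates JSON values never exercises the key path, which is why the allowlist check belongs in the code that builds the statement.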