This source explores the security risks associated with AI shopping agents, specifically focusing on indirect prompt injection attacks. These vulnerabilities occur when malicious instructions are hidden on websites—often as invisible text—to trick an autonomous agent into overspending or leaking personally identifiable information. To combat these threats, the text suggests implementing an AI firewall or gateway that scrutinizes data at every stage of the interaction. This security layer filters out both direct and indirect injections before they can influence the agent's reasoning or actions. Ultimately, the source emphasizes that while agents offer convenience, they still require human oversight and robust architectural safeguards to prevent exploitation.