Built a game based on real AI security vulnerabilities I discovered

After a year of red teaming AI applications and finding some concerning patterns in vulnerabilities, I decided to turn these incidents into an interactive challenge.

Some background: I’ve been involved in testing AI applications for security flaws. Over time, I noticed that many critical vulnerabilities kept repeating – from agents causing self-DoS through recursive API calls, to prompt leaks that should’ve been patched months ago but variants kept popping up.

The breaking point came when I demonstrated a prompt extraction vulnerability in a meeting and heard the classic “but we fixed that!” response. The fix had created three new attack vectors.
These experiences made it clear that we needed a better way to understand AI security patterns.

So I built The Matrix Challenge – five levels replicating real security incidents I encountered. Each level strips down the vulnerability to its core pattern.

The beta testing was eye-opening. Developers who’d read about these incidents in post-mortems started messaging me when they recognized specific vulnerabilities they’d patched in production.

I’m sharing this here because:

1. The community could help identify more edge cases
2. It might help prevent some 3 AM production fixes
3. The patterns are worth discussing

The challenges are live at matrix.repello.ai

Would love feedback from anyone who tries it out, especially if you’ve encountered similar vulnerabilities in production.

Comments URL: https://news.ycombinator.com/item?id=42863079

Points: 1

# Comments: 0