Routine requests like 'Summarize this page/document' or 'Research <topic>' silently trigger unauthorized actions: Gmail exfiltration, arbitrary code execution/root shell, internal tool exposure (e.g., code-server), secret leaks, without warnings or user awareness. [AuraLabs Report](https://aurascape.ai/resources/auralabs-research/silentbridge-zero-click-agent-takeover-meta-manus/)

Systemic failure to isolate untrusted content ingestion (web pages, search results, documents containing hidden prompt injections) from high-privilege tools/connectors (Gmail, code exec, shell), over-privileged sandbox (root sudo), no prompt injection defenses, leading to zero-click indirect prompt injection enabling data exfil, RCE. [AuraLabs Report](https://aurascape.ai/resources/auralabs-research/silentbridge-zero-click-agent-takeover-meta-manus/)