Operation Pale Fire: How We Red-Teamed Our Own AI Agent
Wes Ring, Josiah Peedikayil
[un]prompted 2026 — AI Security Practitioner Conference · Day 2 · 1
Block's offensive security team ran a full end-to-end red team operation against Goose, their own open-source AI agent — and achieved code execution on employee laptops via invisible Unicode characters hidden in Google Calendar invites and weaponized Goose "recipes." The operation revealed that operationalizing prompt injection for a stealthy, realistic attack is significantly harder than it looks, and the lessons are as valuable as the successful exploits. ---
AI review
Code execution on employee laptops via invisible Unicode characters in a Google Calendar invite. That's the headline and it's earned. Operation Pale Fire is the most complete end-to-end AI red team operation account published in the public domain — with failures documented as carefully as the success.