I red-teamed my own AI concierge
My site has an 'Ask Zakaria' AI box that answers untrusted recruiter input. So I spent an afternoon trying to break it — prompt leaks, tool-call injection, XSS, a cross-language jailbreak. Here's what held, and why the real defense isn't a clever prompt.