Highlight Report

Mighty updates workflow protection to handle multi-modal AI hacks

Most enterprises are racing to agentify workflows on top of the messy reality of internal document flows. The world still runs on PDFs, Excel files, claims forms, invoices, contracts, emails, and scans. When these artifacts are read directly by AI systems, the potential for hacking workflows expands.

CISO teams may be prepared for bad prompts in text chat, but attackers have already moved on to embedding instructions inside artifacts. Instructions hidden as white-on-white text in images and videos, in audio transcripts, or in visual tokens, for example, could steer agentic systems to do the bidding of a bad actor.

Mighty, a San Francisco-based startup, is addressing this with a multi-modal security-in-the-loop approach designed to stop malicious steering before workflows touch downstream systems.

Prepare for massive volumes of attacks as agent-to-agent interaction takes off

With the rise of agent-to-agent interactions, the issue of workflow compromise compounds. Attack scalability is rising because inference economics are collapsing, and adversary breakout times are compressing. Agents are formulating multiple multimodal assaults to trigger unauthorized actions and financial manipulation. CrowdStrike’s 2026 Global Threat Report identified an 89% y-o-y increase in AI-enabled attacks.

Most language model providers add mitigations, but prompt injection remains the top application-layer risk. Moreover, as enterprises frequently deploy older or smaller models for cost and latency reasons, those models often inherit outdated safety protections.

CISOs must assume residual risk and design for containment, treating this as a system-design problem rather than a “model patch” every time they update or switch models. A separate runtime layer standardizes security across model generations. Unlike traditional text guardrails that classify outputs, this approach focuses on intercepting attempts to access unauthorized resources or steer workflows before they execute.

Your solution must be model agnostic and multi-modal by default, with security in the loop

Mighty’s low-latency runtime security layer comes with an antivirus gateway that inspects input and output across text, documents, images, audio, and video before they reach enterprise agents or downstream systems. It is model agnostic, allowing enterprises to switch models without having to reconsider how they handle fraudulent prompt injections.

Mighty’s approach defines and responds to a new set of enterprise needs:

  • Model-agnostic security standardization: Enterprises deploy a mix of frontier and smaller/older models for cost, latency, governance, and vendor independence. A separate security layer standardizes protection regardless of the underlying model.
  • Multimodal-first defense (not bolted-on): The next wave of attacks will use documents, images, audio, and video because those channels evade text-only inspection and align with enterprise workflows.
  • In-the-loop as a strategy: Security must sit in the loop in production. If it’s slow, teams will bypass it. Making it always-on and independent of what is built on top means it can’t be an afterthought.
  • Security tooling entrenchment: Once embedded in revenue-impacting workflows, a security gateway becomes infrastructure.

Treat media as untrusted executable inputs to retain control of your agents

CISOs must get used to treating documents and media as untrusted executable inputs that agents could act on. To prepare for this new reality, security teams should map agentified workflows where artifacts can impact how cash gets allocated (e.g., claims, billing, procurement, customer refunds) while also protecting against manipulation in functions such as HR. Prompt injection could be used to secure a pay rise, claim extra paid time off, or land a job in the first place.

Consider your need for a multi-modal inspection layer that can intercept ahead of agent or tool calls. Intelligent document processing (IDP) modernization is a sensible starting point for the initial focus, alongside addressing the risks for customer-facing voice agents. This is not only about preventing fraud but also enabling safe automation, giving enterprises the confidence to automate high-value workflows without increasing operational risk.

The Bottom Line: Separating the security layer will give you consistent control of workflow protection.

Some CISOs will wait and hope that model providers care as much about protecting enterprise workflows as they do. Deploying a separate security layer means taking ownership of the issue today. That control comes with the ability to report consistent workflow protection wherever and on whatever SLM or LLM is deployed. Ignoring this rising challenge will only expose workflows to hackers.
