The world of crypto trading is undergoing a radical transformation with the introduction of autonomous artificial intelligence (AI) systems.
Until recently, AI was limited to providing analysis and advice, but today it is capable of executing trading operations independently, paving the way for a new era defined as “agentic”. This transition marks a profound change in the nature of the risks that platforms, developers, and users must face.
A recent joint research by Bitget and SlowMist highlights how the active participation of AI in financial markets is not just a matter of efficiency or intelligence, but above all, of security. The focus shifts from the system’s performance to its ability to operate within well-defined and controlled boundaries.
New Risk Surfaces: When AI Takes Center Stage
From Advice to Execution: The Risk Amplifies
According to the report, the real turning point occurs when AI transitions from an advisory role to the direct execution of operations. In this scenario, any errors or vulnerabilities are no longer confined to isolated incidents but can cause immediate and irreversible financial consequences. In crypto markets, where transactions are settled in real-time, a compromised AI agent can act faster than manual intervention is possible.
As Gracy Chen, CEO of Bitget, emphasizes, “AI no longer just interprets the markets: it now actively participates in them.” This shift redefines the very nature of risk, which no longer depends solely on the intelligence of the systems, but on the level of security with which they are authorized to operate.
The New Threats: Prompt Injection, Malicious Plugins, and Exposed APIs
The research highlights how AI agent-based systems introduce new attack surfaces on multiple levels. Among the main risks that emerge are:
- Prompt injection: input manipulations that can influence the decision-making process of the AI.
- Malicious plugins: external components that alter the system’s behavior.
- API with excessive permissions: interfaces that, if not properly controlled, can expose capital to unwanted operations.
These risks are exacerbated by the always-active nature of autonomous agents, which operate without interruptions and without direct user supervision.
From Isolated Vulnerability to Systemic Risk
A New Security Paradigm
The joint report urges moving beyond viewing vulnerabilities as isolated events, instead presenting the risks associated with AI agents as systemic. In this new era, security can no longer be confined to simple application measures but must extend to the overall architecture through which AI interacts with capital.
Bitget addresses this challenge by adopting a layered structure that separates intelligence, execution, and asset authorization. This way, the risk that a single point of failure could generate unintended operations is drastically reduced. Permissions are organized according to the principle of least privilege, and each transaction is simulated and verified before final execution. These controls ensure that, even in the presence of autonomous AI agents, their scope of action remains confined and monitored.
SlowMist’s Closed-Loop Security Model
The analysis by SlowMist emphasizes the importance of a closed-loop security model, where risks are managed at every stage: before, during, and after the execution of operations. Fundamental elements of this approach include:
- Continuous monitoring of AI agents’ activities.
- Limited permissions to reduce the attack surface.
- Verifiable transaction flows to ensure transparency and traceability of operations.
This model shifts security from a purely reactive process to an integrated element in the very design of the systems.
The Impact on the Crypto Ecosystem and Future Challenges
An Increasingly Blurred Line Between User and System
The increasing integration of AI agents in trading activities, asset management, and on-chain operations is blurring the line between user intent and automatic execution by the system. In this context, reliability no longer depends solely on performance, but on the ability to maintain control within defined limits.
Automation, Resilience, and Containment
As automation and interconnection advance, the infrastructure of crypto platforms must be designed not only to ensure speed and access but also to offer resilience and containment capabilities in case of incidents. The report by Bitget and SlowMist serves as a benchmark for anyone navigating this transition, emphasizing that the next phase of financial innovation will depend as much on execution security as on system intelligence.
Conclusions: Security as the Foundation of Financial Innovation
The advent of autonomous trading by AI agents marks a pivotal shift for crypto markets, but it brings with it a new generation of risks that demand innovative responses. The collaboration between Bitget and SlowMist provides valuable insights into the most effective strategies to tackle this challenge, placing security at the heart of technological development.
In a rapidly evolving sector, the ability to anticipate and manage systemic risks will be key to building reliable and resilient platforms capable of supporting the growth and global adoption of digital assets.
Source: https://en.cryptonomist.ch/2026/03/20/autonomous-trading-and-security-bitget-and-slowmist-analyze-new-ai-risks-in-crypto-markets/
