{"data":{"id":"9170fcb4-02d8-48d9-bbb1-b68f6f85aa08","title":"Google I/O, Gemini Spark, Antigravity","summary":"Google announced Gemini Spark, an upcoming AI agent product that connects with Google apps like Gmail and Drive, which runs on Gemini 3.5 Flash and a tool called Antigravity. To address prompt injection risks (tricking an AI by hiding instructions in its input), Google stated that Spark operates in isolated virtual environments with encrypted credentials, data loss prevention policies, and a secure gateway, though the author expresses concern about whether these protections are sufficient given the sensitive data users may process through it.","solution":"According to Google's documentation, Gemini Spark implements the following security measures: 'Spark operates in a fully managed, secure runtime on Google Cloud' with 'every task executes in a fresh, strictly isolated, ephemeral VM to help ensure data never overlaps between sessions.' Additionally, 'all traffic routes through our secure Agent Gateway that enforces Data Loss Prevention (DLP) policies, while user credentials remain fully encrypted and are never exposed directly to the agent.'","labels":["security","safety"],"sourceUrl":"https://simonwillison.net/2026/May/20/google-io/#atom-everything","publishedAt":"2026-05-20T15:32:17.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google","Gemini","Gemini 3.5 Flash","Gemini Spark","Antigravity"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-20T15:32:17.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}