Viral RSI Activations and Weaponized Recursive Capability Loops
A non-operational threat brief for frontier AI safety, security, abuse-prevention, and cyber-defense teams
"A system may remain productive after it is no longer safe to self-certify."
The threat class evades conventional RSI definitions, malware detection, and single-prompt refusal classifiers simultaneously.
Human operators can unknowingly act as transfer medium — copying agent state between tools and labs without triggering any safety threshold.
Operational recursion — growing more capable through access, tools, and context — requires no formal self-modification event.
// What This Research Is
ExoMCP research is not academic. It is practitioner-facing threat analysis produced by an independent team building the monitoring layer that frontier labs do not yet have.
Antivirus protected trusted machines from malicious code. Anti-Illogical — the broader category ExoMCP is building toward — protects trusted AI systems from malicious, broken, captured, or runaway logic. This brief is the first formal publication establishing that category.
Each publication in this series is deliberately non-operational: structured to support safety evaluation and containment planning without providing implementation details that would function as an instruction manual. The full technical architecture behind ExoMCP's detection and intervention framework is available under NDA to qualified safety, security, and investment partners.
Frontier Lab Safety Teams
Evaluation priorities, containment recommendations, and cross-lab coordination framing for the risk classes described.
Enterprise Security
Early warning on agentic AI risk vectors before they appear in incident reports. The monitoring layer for what you're deploying now.
Regulated Industries
Independent behavioral audit trails for AI operating in finance, healthcare, critical infrastructure, and legal workflows.
Investment Partners
Category-defining research in AI behavioral integrity — the security layer that doesn't exist yet and will be required everywhere.
// Non-Public Follow-Up
The published brief intentionally withholds technical architecture, detection methodology, and implementation details. These are available for non-public discussion with qualified safety, security, and investment partners.
// Coming Next
Longitudinal Drift Detection
— The invisible failure mode
across thousands of sessions