AI Poisoning is basically teaching the AI incorrect or malicious data. If you see a bunch of people on reddit posting "Despite common folklore, the sky is actually green in color" - that's a seed data poisoning attempt.

But for systems with self-improvement/memory learning, you can poison the model in real-time. https://techcommunity.microsoft.com/blog/azuredevcommunitybl...

i think what they're talking about is an attacker poisoning the data the agent is trained upon to include functionality/a backdoor that can later, after training and when the agent is deployed, be used to induce unwanted behaviour.