Google Gemini Hijacked via Calendar Invite—Researchers Show AI Can Control Smart Homes

In a striking cybersecurity demonstration, researchers have shown how Google’s Gemini AI can be tricked into controlling smart home devices using nothing more than a doctored Google Calendar invite. With just a seemingly innocent appointment entry, the AI took actions like opening windows and turning on heaters—exposing a new vulnerability where digital prompts translate into physical consequences.

The Smart Home Breach in Action
Three security teams exploited what they call “Invitation Is All You Need” attacks. By embedding deceptive hidden instructions inside calendar event titles, they prompted Gemini to execute actions—like turning off lights, opening shutters, or activating a boiler—when later asked to summarize upcoming appointments. All without the user typing any suspicious command.

Behind the Technique: Prompt Injection at Work
This attack leverages indirect prompt injection—malicious code sneaked into data that AI models process automatically. Gemini treats these embedded messages as legitimate instructions, bypassing its safety filters. When combined with smart home integration, these jailbreaks can trigger real-world consequences—turning AI from assistant into agent

Why It Matters for Indian Homes
Smart devices are becoming more common in Indian middle-class homes—even in Tier 2 cities. These findings show how an unchecked AI command might silently manipulate connected gadgets. It underlines an urgent need for manufacturers and policymakers to build stronger AI safety layers, not just from a tech standpoint but to protect everyday users.

What Google Is Doing About It
Google says it’s taken the findings seriously. It’s rolling out multiple safeguards including machine‑learning-based detection of malicious prompts and enforcing user confirmation before executing sensitive actions. Still, experts warn that as AI becomes more integrated with home systems and vehicles, the need for robust security design and oversight grows ever more urgent.

Conclusion
The Gemini smart home hijack isn’t a movie plot—it’s a real threat in an increasingly connected world. It shows how AI systems can be manipulated quietly, using everyday tools like calendar invites. For India’s smart city ambitions and digital households, it’s a wake-up call: convenience without control can be a vulnerability in disguise.