Skip to content
Back to Blog
Blog series
7 posts · 58 min read

Agent security engineering series

Threat-model, contain, authorize, and red-team tool-using agents with deterministic controls around the model.

Share:XBSMRedditHNEmail
1
July 12, 2026·9 min read

Threat-Model an AI Agent: Sources, Sinks, Authority, and Blast Radius

A practical AI agent threat-modeling method that maps untrusted sources to dangerous sinks, then constrains identity, authority, data, and blast radius at deterministic runtime boundaries.

2
February 21, 2026·9 min read

Prompt Injection Is a Boundary Problem, Not a Prompt Problem

Why "smarter prompts" don't defend against indirect prompt injection, and what changes when authority lives outside the model's view.

3
Agent Identity Is the New Trust Boundary illustration
May 17, 2026·13 min read

Agent Identity Is the New Trust Boundary

A practical model for separating agent identity, workload proof, user delegation, scoped authority, and audit across MCP and A2A.

4
July 12, 2026·8 min read

Secure the MCP and Tool Supply Chain: Trust Must Be Continuous

How to secure MCP servers, remote tools, connectors, skills, and their outputs with admission controls, audience-bound authorization, least privilege, runtime containment, and revocation.

5
May 5, 2026·5 min read

Build the Tool Gateway: The Boundary That Actually Stops a Bad Action

A build-along for the Tool Gateway: adapter manifests, typed envelopes, resolver checks, dispatch, and destructive-action boundaries.

6
May 6, 2026·5 min read

Approval Gates in Code: The Destructive-Mode Handshake

A build-along for approval gates: frozen evidence, human signatures, gateway redemption, and replayable destructive-action handshakes.

7
July 12, 2026·9 min read

Red-Team Agent Hijacking: Build a Security Eval Gate for Repeat Attacks

A practical agent-hijacking evaluation harness: scenario design, adaptive and repeated attempts, path-aware metrics, deterministic release gates, and production replay.