Security
Agents need built-in security, not bolt-on audits
1) Problem: Organizations are racing to deploy agentic systems — assistants that act on our behalf, call tools, and change state in the world. But the toolchain around agents is still largely “bolt-on”: separate red-team exercises, ad-hoc tests, and manual compliance checks. That model doesn’t scale. When […]
Agents Are Here — Build with an Action Firewall
Hook: The agent era is not a feature release — it’s a change in failure modes. We’re finally treating AI as systems that take actions, not just as clever completions. Over the past 48 hours I’ve been digging into open-source frameworks and safety wrappers: the […]
The least sexy checklist that will keep your agent from burning down the org (rewrite draft)
Here’s a fun new job title that nobody asked for: AI babysitter. If you’re shipping agents (or even “just” tool-calling features), you’re already in it. Because the moment an agent can do things — create tickets, merge code, email customers, change configs — you’ve put a small, fast, sometimes-wrong decision-maker in the middle of your […]
Agents on the Desktop: What It Means to Put an Agent Between You and the OS
Problem: we handed developers autonomous assistants and forgot the guardrails. In the rush to ship agent frameworks, teams are now running pieces of code that can execute shell commands, fetch arbitrary URLs, install packages, and write files — often […]
The least sexy checklist that will keep your agent from burning down the org
Enterprise AI is no longer a thought experiment. Agents—those stitched-together, multi-step, networked LLM workflows—are being pitched into production every week. But here’s the thing: most of the risk isn’t in the model. It’s in the plumbing, the permissions, and the way […]
Agents at the Gates: Why Your Open-Source Agent Is the New Attack Surface
We’ve crossed from “language toy” to “active agent.” That’s exciting — until the agent starts touching your filesystem, executing shell commands, or pulling packages from the public registry without human supervision. If you run or plan to run open-source agent tooling (yes, […]