agent-security
Safeguard articles tagged "agent-security" — guides, analysis, and best practices for software supply chain and application security.
33 articles
Securing MCP Servers for AI Agents
Five CVEs in 2025 alone trace MCP tool compromise back to one root cause: unsanitized strings piped into exec(). Here's how to expose and consume MCP safely.
Signing and provenance standards for AI agent skill registries
Shai-Hulud infected 500+ npm packages via stolen tokens in 2025. Agent skill registries are repeating the same unsigned-artifact mistake — here's the fix.
How Malicious Skills Get Distributed Through Agent Registries
CVE-2025-59536 (CVSS 8.7) let a single malicious commit auto-approve MCP servers in Claude Code, no install click required. Registries need the same controls as package managers.
Prompt injection in AI coding assistant system prompts
Copilot, Cursor, and Windsurf all read untrusted repo text into the same channel as trusted instructions — three 2025 CVEs show what happens next.
Vetting third-party agent skills before you install them
AI agent skill marketplaces run installed code with your full permissions and no sandboxing — VS Code's 2025 extension attacks show exactly how that gets abused.
Agentic AI Security FAQ: Governing Autonomous AI in 2026
Clear answers on securing agentic AI — what makes autonomy risky, how tool scope and identity work, prompt injection and confused-deputy failures, and how Safeguard governs agents that act on your systems.
MCP Server Security FAQ: Safeguarding AI Agent Tool Access in 2026
Plain answers about securing the Model Context Protocol — what an MCP server exposes, how agents authenticate, the prompt-injection and tool-poisoning risks, and how Safeguard's MCP server fits in.
Model Context Protocol Permissions Model Explained
MCP's permissions model is subtle. Here is a careful walkthrough of how tool scoping, sampling, and resource access actually work in production.
Securing MCP Servers Without Killing Developer Velocity
MCP servers are spreading inside engineering orgs faster than security teams can review them. Here is how to govern them without slowing teams down.
Enterprise MCP Registry Onboarding Process
A repeatable onboarding flow for adding MCP servers to an enterprise registry without becoming the team that says no to everything.
Scoped Credentials Per MCP Server: A Pattern
Long-lived shared tokens are the wrong unit of trust for MCP servers. Here is the per-server scoped-credential pattern and how to roll it out.
Tool-Call Audit: The Missing AI Observability Layer
Most AI observability stacks log prompts and completions. The actual security signal is in the tool calls. Here is how to capture it.