Safeguard
Tag

agent-security

Safeguard articles tagged "agent-security" — guides, analysis, and best practices for software supply chain and application security.

33 articles

AI Security

Out-Of-Band Confirmation For Irreversible Tool Calls

Some tool calls cannot be undone. Out-of-band confirmation is the cheapest defense for that small set, and the most expensive thing to skip.

Mar 25, 20267 min read
Best Practices

How to Secure AI Agents on the MCP Protocol

MCP gives AI agents real tools, real credentials, and real blast radius. Here is a hardening guide for running MCP servers in production without torching your environment.

Mar 24, 20267 min read
AI Security

MCP Server Capability Drift Detection

MCP servers do not stay still. Tool surfaces drift, scopes expand, and the server you approved is not the server in production. Here is how to catch that.

Mar 20, 20267 min read
AI Security

MCP Server Authorization Patterns in 2026

The Model Context Protocol shifted agent integration from custom glue to a standard surface. Authorization patterns that work, and the ones that keep biting teams.

Mar 19, 20266 min read
AI Security

Prompt Injection Defence Stack 2026

No single control stops prompt injection. The current state of the art is a defence-in-depth stack with controls at five distinct layers. Here it is.

Mar 15, 20267 min read
AI Security

Griffin AI vs Claude Computer Use: Security

Claude's Computer Use lets an agent drive a GUI. For security, this is powerful and dangerous in equal measure. The architecture around it matters.

Mar 14, 20262 min read
AI Security

AI Agent Blast Radius Management

Every agent in production has a blast radius. Most teams have not measured theirs. Here is how to measure it and how to bring it under control.

Mar 10, 20267 min read
AI Security

Eval Harness As Release Gate For AI Features

Shipping AI features without an eval harness is shipping without tests. Here is how to build one that actually gates releases without becoming a bottleneck.

Mar 5, 20268 min read
AI Security

LLM Selection For Security Workflows

Picking a model for a security workflow is not the same as picking one for a chatbot. Here are the criteria that actually matter and how to weigh them.

Feb 28, 20267 min read
Agent Security

ToxicSkills: When Claude Skills Become a Malware Distribution Channel

Snyk's ToxicSkills research found prompt injection in 36% of Claude skills tested and 1,467 malicious payloads. The SKILL.md trust model is the structural issue.

Feb 4, 20267 min read
Industry Analysis

Agent Security Buyer's Guide Overview

As AI agents gain production write-access across the enterprise, security teams need a rigorous buyer's guide to separate real agent security platforms from repackaged AppSec dashboards.

Jan 22, 20267 min read
AI Security

Anthropic MCP Security Model: A Deep Dive

Anthropic's Model Context Protocol introduces a new trust boundary between agents and tools. Here is how the security model actually works in practice.

Jan 15, 20265 min read
agent-security (Page 2) — Safeguard Blog