Safeguard
Tag

agent-security

Safeguard articles tagged "agent-security" — guides, analysis, and best practices for software supply chain and application security.

33 articles

Agent Security

MCP Spec 2025-11-25: Tasks, URL Mode Elicitation, and What Defenders Must Watch

The November 25, 2025 Model Context Protocol release adds Tasks, formalises long-running work, and reshapes the audit story for enterprise MCP.

Dec 2, 20256 min read
Agent Security

The MCP Registry and the Namespace-Impersonation Problem

The official MCP Registry launched in September 2025 with namespace-bound publishing. We unpack the trust model and what it does — and does not — defend against.

Oct 21, 20256 min read
Agent Security

Devin's Sandbox: What the Autonomous Engineer Threat Model Looks Like

Cognition's Devin executes engineering tasks autonomously in cloud sandboxes. We unpack the trust boundaries, the human checkpoints, and what defenders must require.

Aug 13, 20257 min read
Agent Security

Supabase MCP and the Lethal Trifecta: When an Agent Has service_role

A Cursor user's Supabase MCP server was tricked by a support ticket into exfiltrating an integration_tokens table. The bug was not in MCP. It was in the trifecta.

Jul 23, 20257 min read
AI Security

How Malicious Payloads Get Smuggled Into Trusted AI Skill...

Attackers smuggle malicious payloads into trusted AI skill repositories via typosquats, staged fetches, and split-file obfuscation — here is exactly how it works.

Jul 20, 20258 min read
AI Security

MCP Server Permissions: A Practical Checklist for Reducin...

A practical checklist for scoping MCP server permissions, denying risky defaults, and limiting the blast radius when an AI agent's tool access is exploited.

Jul 20, 20258 min read
AI Security

MCP 2025-06-18: OAuth Resource Server Rules Defenders Must Understand

The June 2025 MCP spec made every server an OAuth 2.1 resource server, mandated RFC 8707 resource indicators, and added elicitation. Here is what changes for blue teams.

Jul 9, 20256 min read
Agent Security

GitHub MCP Server Private-Repo Exfiltration: The May 2025 Invariant Labs Disclosure

Invariant Labs showed that a malicious GitHub Issue could hijack any MCP-connected agent into leaking private-repo contents. The architecture, not a bug, is the problem.

Jun 3, 20257 min read
AI Security

Line Jumping: How MCP Tool Descriptions Attack Before Tools Are Called

Trail of Bits coined 'line jumping' for prompt injection delivered through MCP tool descriptions on connection. It bypasses every tool-invocation guardrail by design.

Apr 29, 20256 min read
agent-security (Page 3) — Safeguard Blog