ai-agents
Safeguard articles tagged "ai-agents" — guides, analysis, and best practices for software supply chain and application security.
66 articles
Least-privilege scoping for AI agents with write access to code, CI, and cloud
OWASP's 2025 LLM Top 10 names Excessive Agency a top risk; a single over-scoped CI token already dumped secrets from 23,000+ repos in 2025.
The Security Chores Agents Should Handle Themselves
Enabling 2FA, rotating a password, revoking a stale session, minting a scoped key — the account-hygiene tasks everyone postpones. When an agent can do them through MCP, 'later' becomes 'now.'
Region-Blind Pricing Breaks the Moment an Agent Checks Out
Your pricing is localized by country — but an AI agent rarely holds a clean country code. If your checkout can't resolve region from the messy signals an agent actually has, it quotes the wrong price or none at all.
Death by a Thousand Tools: Governing an MCP Server at Scale
A 900-tool MCP server is powerful and terrifying in equal measure. The answer isn't fewer tools — it's per-tenant governance, where each capability is off until an admin turns it on.
The Onboarding Tax: Why Signup Forms Break Agent Workflows
Every signup form, verification email, and OAuth redirect is a wall an AI agent can't climb. Zero-touch onboarding lets an agent create the account and sign in itself — no browser, no human relay.
Agentic Commerce: Why Your SaaS Has to Let AI Agents Buy
AI agents already research, compare, and recommend software — but the moment they hit a paywall, they stall and hand the job back to a human. Here's why that gap is expensive, and how agent-native purchasing closes it.
AI agents in AppSec pipelines: triage, remediation, and guardrails
GitHub's Copilot Autofix cuts median fix time from 1.5 hours to 28 minutes — but a 2025 Replit agent incident shows why autonomy needs hard limits.
Least-Privilege Tool Scoping for AI Coding Agents
One overprivileged GitHub token let researchers hijack an AI agent into leaking private repo data via a public issue. Scoping tool access closes that gap.
AI Agents and Supply Chain Security FAQ: 2026 Answers
Answers on where AI agents meet software supply chain security — the dependencies agents pull in, hallucinated packages, MCP servers as components, AIBOMs, and how Safeguard keeps the agentic supply chain governed.
What Is the Model Context Protocol (MCP)? And What It Means for Security
MCP is the USB-C of AI integrations — one open standard for connecting models to tools and data. It also standardizes a fresh attack surface, so understanding both halves matters.
Agents Can Now Procure Safeguard Through MCP
AI agents can browse regional pricing, compare tiers, start a Stripe checkout, and verify activation — the entire Safeguard procurement journey now runs through the MCP server.
Guardrails for Autonomous AI Agents: Allowlisting, Validation, and Human-in-the-Loop
OWASP's 2025 LLM Top 10 splits Excessive Agency into three root causes. Here's how tool allowlisting, output validation, and approval gates address each one.