Safeguard
Tag

ai-agents

Safeguard articles tagged "ai-agents" — guides, analysis, and best practices for software supply chain and application security.

66 articles

Supply Chain Attacks

How Malicious Skills Get Distributed Through Agent Registries

CVE-2025-59536 (CVSS 8.7) let a single malicious commit auto-approve MCP servers in Claude Code, no install click required. Registries need the same controls as package managers.

Jul 8, 20266 min read
AI Security

Prompt injection via AI agent CI/CD workflow tampering

A single malicious PR title was enough to make three major AI coding agents leak API keys straight out of a GitHub Actions runner.

Jul 8, 20266 min read
AI Security

Governing AI agents inside the execution loop

Snyk's Evo Agentic Development Security, in open preview since June 23, 2026, hooks directly into an agent's tool calls — proof that pre-deployment review can't govern a decision made mid-session.

Jul 7, 20268 min read
AI Security

New security risks across the agentic development lifecycle

Snyk found 76 confirmed-malicious skills among 3,984 analyzed and roughly a third of public MCP servers carrying exploitable flaws — legacy AppSec never modeled an agent as the author.

Jul 7, 20267 min read
AI Security

Securing MCP integrations for enterprise AI assistants

Claude's May 2026 enterprise and desktop expansion put MCP tool calls in front of compliance teams and IDEs alike — governance can no longer be an afterthought.

Jul 7, 20268 min read
FAQ

Agentic AI Security FAQ: Governing Autonomous AI in 2026

Clear answers on securing agentic AI — what makes autonomy risky, how tool scope and identity work, prompt injection and confused-deputy failures, and how Safeguard governs agents that act on your systems.

Jul 6, 20266 min read
FAQ

MCP Server Security FAQ: Safeguarding AI Agent Tool Access in 2026

Plain answers about securing the Model Context Protocol — what an MCP server exposes, how agents authenticate, the prompt-injection and tool-poisoning risks, and how Safeguard's MCP server fits in.

Jul 4, 20266 min read
AI Security

AI Agent Tool-Use Security: Locking Down What Agents Can Do

The moment you give an LLM tools, it stops being a chatbot and becomes an actor in your systems. Tool-use security is about making sure a compromised agent hits a wall instead of a credential.

Jul 1, 20266 min read
AI Security

Agentic AI Security: Why Architecture Beats Model Size in Vulnerability Discovery

The CyberGym leaderboard shows the lead in AI vulnerability discovery moving to multi-agent orchestration, not raw model scale. Here is what that means for security teams betting on agentic AI.

Jun 21, 20267 min read
Industry Events

Where Defenders Should Be: The H2 2026 Cybersecurity Conference Calendar

A preview of the major H2 2026 security events — Black Hat USA, DEF CON 34, USENIX Security — and the agentic AI security and supply chain themes that will dominate the agendas.

Jun 19, 20267 min read
Industry Events

Black Hat Arsenal 2026 Preview: The Agentic AI and Supply-Chain Tools to Watch

Black Hat USA 2026 runs August 1–6 at Mandalay Bay, with Arsenal August 4–6. Here is an honest preview of the open-source tool categories worth your time — and how to tell signal from demo-day hype.

Jun 17, 20267 min read
Industry Events

Black Hat USA 2026 Preview: Agentic AI Security Takes Mandalay Bay

A preview of Black Hat USA 2026 at Mandalay Bay, Aug 1-6. Why agentic AI security, the software supply chain, and post-quantum readiness are the threads to watch before the briefings begin.

Jun 15, 20267 min read
ai-agents (Page 2) — Safeguard Blog