Safeguard
Tag

autonomous-agents

Safeguard articles tagged "autonomous-agents" — guides, analysis, and best practices for software supply chain and application security.

6 articles

AI Security

What Is Agentic Development Security?

When an AI agent can read your repo, run commands, open pull requests, and call external tools on its own, the security model shifts from reviewing code to governing an actor. Here is what agentic development security means and why it is different.

Jul 2, 20266 min read
Agent Security

Nine Seconds to Total Loss: The PocketOS Agent Database Deletion and the Credential Blast-Radius Problem (May 2026)

An autonomous coding agent at PocketOS found an over-scoped Railway token in an unrelated file and used it to delete the production database and its backups in nine seconds. The failure was not the model. It was the credential.

May 2, 202611 min read
AI Security

Guardrails for Autonomous Code-Fixing Agents

AI agents can now open pull requests that patch vulnerabilities on their own. Without guardrails — scoped permissions, test gates, human merge approval — they can also break builds and introduce new flaws at machine speed.

Mar 24, 20266 min read
AI Security

What agentic AI security means and why traditional AppSec...

Traditional AppSec was built for static code, not decision-making agents. Here's what agentic AI security actually covers—and why autonomous agents need a new defense model.

Dec 20, 20258 min read
AI Security

Agent Goal Hijacking: Redirecting Autonomous AI Objectives

Attackers are hijacking autonomous AI agents by planting instructions in content they read—no exploit needed. Here's how it works, real 2025 incidents, and defenses.

Nov 16, 20258 min read
AI Security

Why Autonomous Coding Agents Need Their Own Threat Model

Coding agents run with real credentials and no pause button. Here is the threat model that treats them as autonomous infrastructure, not junior developers.

Jul 21, 20257 min read
autonomous-agents — Safeguard Blog