Safeguard
Tag

mcp-security

Safeguard articles tagged "mcp-security" — guides, analysis, and best practices for software supply chain and application security.

57 articles

AI Security

How to Audit the Dependencies of an AI Agent

An AI agent's dependency tree spans packages, MCP servers, models, and system prompts. A step-by-step audit method that actually enumerates all four layers.

Jun 12, 20266 min read
Buyer's Guides

Best AI Security Tools in 2026: Guardrails, Red Teaming, and Agentic AI Security Compared

An honest guide to the best AI security tools in 2026 — red-teaming and testing tools, runtime guardrails for prompt injection, agentic AI and MCP security, and the AI supply chain layer (AIBOM) — with a clear best-for line for each.

Jun 11, 20268 min read
AI Security

Cursor's AI security agents: what they get right and what's missing

Cursor's Bugbot and MCP agents catch real bugs, but CurXecute and MCPoison show they open new attack surfaces SCA tools never had to face.

Jun 6, 20266 min read
AI Security

Claude Code and Claude Desktop security integrations

Claude Code's shell access and MCP's connector boom are reshaping software supply chain risk. Here's what security teams need to know and do.

Jun 6, 20267 min read
AI Security

Sonatype Guide: Securing Agentic AI Development

Sonatype's new guide reframes AI dependency risk, but its scanner-based model can't govern agents that install packages and call MCP tools on their own. Here's the gap and how to close it.

Jun 5, 20269 min read
AI Security

AI agent skills and plugin repositories: why they need th...

AI agent skills and MCP plugins are packages in disguise—executable, publicly registered, and largely ungoverned. Here's why they need npm-grade supply chain controls.

May 30, 20268 min read
AI Security

Securing AI coding assistants: governance patterns for to...

AI coding assistants like Claude Code and Cursor now write, install, and execute code with minimal oversight. Here's the governance framework that closes the gap JFrog's artifact scanning leaves open.

May 28, 20267 min read
AI Security

Securing MCP Servers and Agent Skills in the Enterprise

MCP servers and agent skills give AI agents new power—and new attack surface. Here's how tool poisoning and rug-pull attacks work, and how to stop them.

May 14, 20267 min read
AI Security

Prompt injection attacks against AI coding/security tools

AI coding assistants like Copilot and Cursor can be hijacked by hidden text in files, comments, and packages. Here's how prompt injection malware works and how Safeguard detects it.

May 9, 20266 min read
AI Security

Security scanning for MCP servers and AI agent tool use

MCP servers give AI agents direct tool access, but most ship unvetted. Here's how security scanning catches tool poisoning and rug-pull attacks.

May 7, 20267 min read
AI Security

The State of Agentic AI Adoption report

New survey data on the state of agentic AI adoption shows enterprises racing to deploy autonomous agents faster than security teams can govern them.

Apr 25, 20268 min read
AI Security

MCP Security

MCP is standardizing how AI agents call tools, and attackers are already exploiting tool poisoning, rug pulls, and shadowing. Here's what MCP security actually requires.

Apr 17, 20267 min read
mcp-security (Page 2) — Safeguard Blog