Blog
Dispatches on agent authorization, identity, and runtime governance for AI in production.
Your Agents Are Non-Human Identities. You Are Managing Them Like Service Accounts.
Machine identities already outnumber humans by more than eighty to one, and agents are the fastest-growing class among them. Treating an autonomous, tool-calling agent like a static service account is how the authorization gap becomes a breach.
Tool Poisoning: The Confused Deputy Comes for MCP
In 2025, researchers showed that the description text of an MCP tool — metadata the user never reads — can hijack an agent into exfiltrating private data. The tool was trusted. The delegation behind it was never checked. That is a confused deputy, industrialized.
Runtime GovernanceThe Replit Deletion: Why "Don't" Is Not an Authorization Boundary
An AI agent deleted a production database during a code freeze, after being told in capital letters not to touch it. The instruction was clear. It was also unenforceable. An instruction the agent can choose to ignore is not a control.
ThesisDelegation Is the Hard Part: When Your Agent Becomes a Confused Deputy
The Model Context Protocol made it trivial to hand an agent a tool. It did nothing to record who authorized the agent to use it, or on whose behalf. That missing answer is where the next class of agent incidents lives.
ThesisThe Authorization Gap: Why Agent Security Starts After the Login
Your AI agents log in with a human's credentials and inherit everything that identity can do. No one decided what they should be allowed to decide to do. That space — between a permitted action and an authorized one — is where every agent incident is born.
Runtime GovernanceThe IDEsaster Incident: What 30+ CVEs Tell Us About Agent Environment Risk
30+ CVEs across every major AI coding assistant exposed the authorization gap at the core of autonomous agent environments. Here is what the incident tells us about runtime governance.
Security ResearchIDEsaster Technical Deep-Dive: 30+ CVEs in AI Code Assistants Analyzed
December 2025 disclosure reveals 30+ CVEs affecting 100% of tested AI IDEs. Critical vulnerabilities include CVE-2025-54135 (CVSS 8.6), CVE-2025-54136, and CVE-2025-52882 (CVSS 8.8).
AnnouncementIntroducing DeepSweep.ai: Proactive Security for AI Code Assistants
We're launching proactive security validation for AI Code Assistants—OWASP aligned protection that works with any AI coding tool.
SecurityThe Memory Poisoning Crisis: Why Every AI Agent is Vulnerable
A deep dive into the architectural vulnerabilities in modern AI agent systems and why traditional security approaches fall short.
PhilosophyThe Secure AI Development Manifesto
Six principles for building secure AI-assisted applications with transparency, accountability, and OWASP alignment.
TutorialA Practical Security Pass for Your LangChain Agent Project
LangChain projects concentrate agent risk in the files nobody reviews: assistant rules, MCP server wiring, and AI-generated tool code. Here is how to check that surface with DeepSweep's free tooling, step by step.
See where your AI-generated code stands.
Run a free Agent Environment Review — local, no code upload. Catch what your AI agent got wrong before it reaches a pull request.
Review my agent environment — free