FIELD NOTES

The blog.

Real scenarios, security patterns, and practical notes on governing AI agents in production.

Why AGP: Model Safety Is Not Operational Safety

Model guardrails govern what AI says. AGP governs what agents do across tools, systems, approvals, and audit.

When an AI Agent Touches Production Data

A production database deletion is the kind of agentic incident enterprises need to prevent before execution, not explain afterward.

Supply-Chain Attacks Become Credential Incidents

A malicious package inside an agent runtime can harvest credentials. AGP reduces blast radius with scoped capabilities, rate limits, suspension, and revocation.

The Data Exfiltration Risk in AI Agent Workflows

A W-9 onboarding agent can process a vendor PDF correctly and still leak the original document if a compromised tool silently emails it out.

When a PDF Task Becomes a File Deletion

A routine PDF rotation can trigger a file deletion when a tool instruction is malicious, compromised, or simply too powerful for the workflow.

Governing Payment Agents with AGP

A practical example of how AGP limits payment-agent blast radius before a high-risk tool call executes.

AGP CLI: Your One-Stop Operational Tool

AGP gives platform and security teams a command-line surface for inspecting agents, managing tools, reviewing approvals, and debugging policy decisions.