Security blog

Research, frameworks, and field notes on AI agents.

Written by our practitioners. What we find in assessments, how attacks actually look, and what real remediation looks like.

SANDBOX agent scoped ✗ host fs ✗ secrets ✗ network ✓ allowlist ✓ task scope ✓ ephemeral contained by default

Sandbox the AI agent. Or the next incident is already in your repo.

The single highest-leverage control most teams running AI dev tools are missing. Why sandboxing is the meta-control after the Cursor/Railway incident.

Read article ↗
$ frontiersec scan --target support-agent CRITICAL Data exfiltration via prompt injection HIGH Cross-customer data leak Guardrails: 1. Enforcement: none.

I threat modeled a customer support agent. Here's what I found.

A walkthrough of a real agent assessment using the ATLAS framework, including the exfiltration path nobody saw coming.

Read article ↗
7 attack vectors mapped

The 7 ways AI agents get compromised.

A practical attack taxonomy for AI agents, with concrete scenarios for each one. Not theoretical, not hand-waving.

Read article ↗
get_customer send_email exfiltration path read_database execute_code arbitrary access

The tool combination problem nobody's auditing.

Individual tools look safe. Combined, they create exfiltration paths, fraud chains, and privilege escalation.

Read article ↗
system: "Never share customer data" ✓ suggestion bypassed user: "Ignore previous instructions..." ✗ no enforcement

System prompts are not guardrails.

Why "don't share customer data" in a system prompt is a suggestion, not a security control, and what to use instead.

Read article ↗
Agent 1 sanctioned ✓ logged Agent 2 sanctioned ✓ logged ??? shadow ✗ no logs you said 2 agents. we found more.

Shadow agents: the AI security problem you can't see.

Your employees are running AI agents with personal API keys and company data. How to find them and what to do about it.

Read article ↗
1/5 How many agents are running? 2/5 What can they access? 3/5 Tested against injection? readiness score: needs attention

5 questions every CISO should ask about AI agents.

A quick diagnostic for security leaders to assess whether their organization's AI agents are governed, monitored, and controlled.

Read article ↗

Ready to see what we find in your environment?

Book a free two-week AI agent security assessment. Real findings, real attack paths, board-ready writeup.