// BLOG

Insights & Updates

Technical deep-dives on AI agent security, spending controls, and the future of autonomous payments.

// FEATURED

19 June 2026

Robinhood let AI agents trade real money. The only safety check is optional.

Robinhood's MCP lets an AI agent place real trades with no broker-side cap. A few simple rules at the gateway stop a rogue or hijacked agent draining the account.

// START HERE

What Is MCP Policy Enforcement (And Why Every Agent Needs It)

MCP policy enforcement intercepts every AI agent tool call and evaluates it against deterministic rules before execution. Here's how it works and how to set it up.

Why Prompt Guardrails Fail for AI Agent Safety (And What Works Instead)

System prompts can't enforce spending limits or prevent destructive operations. Here's why prompt guardrails fail for tool-calling AI agents and what works instead.

// THOUGHT LEADERSHIP

14 June 2026 AWS just made the case for deterministic policy at the MCP gateway → 30 May 2026 The NSA just made the case for a policy layer in front of MCP → 30 April 2026 Microsoft AGT Proved Deterministic Enforcement. Where the Next Problem Starts. → 30 April 2026 Runtime Governance Belongs at the Transport Layer → 23 April 2026 Anthropic's MCP Playbook Is for Builders. Defenders Need the Next Layer. → 20 April 2026 MCP Governance Is Table Stakes. What Comes Next? → 13 April 2026 Microsoft's Agent Governance Toolkit: 9 Packages, MCP-Blind → 10 April 2026 Bain Says Every Agentic Platform Needs a Policy Layer. We Built One. → 6 April 2026 X Just Shipped an MCP Server. It Exposes 131 Tools With Zero Access Control. → 4 April 2026 We Scanned Popular Open Source MCP Configs. Here's What We Found. → 28 March 2026 The Agent Control Problem Only Becomes Big in One World → 19 March 2026 30 MCP CVEs in 60 Days. Most Fixes Are Solving the Wrong Problem. → 16 March 2026 The Academic Case for Deterministic AI Agent Enforcement → 16 March 2026 One Tool Call Away From a $10,000 AWS Bill → 4 January 2026 Will AI Ever Be Good Enough to Not Need Spending Limits? → 8 December 2025 Agentic Finance: The $30 Trillion Opportunity Nobody is Ready For →

// FUNDAMENTALS

29 May 2026 MCP Authentication: Securing How Agents and Servers Connect → 29 May 2026 MCP Authorization: Scoping What Agents Are Allowed to Do → 29 May 2026 MCP OAuth: Connecting Agents to Protected Servers → 26 May 2026 AI Agent Containment Starts at the Environment Layer → 23 May 2026 Tool-Result Injection: The MCP Attack System Prompts Miss → 21 May 2026 System Prompts vs. Transport Firewalls: Why System Prompts Do Not Equal Security → 5 April 2026 PolicyLayer Now Enforces Budgets on Paid MCP Tools → 8 March 2026 What Happens When Your AI Agent Goes Rogue → 8 March 2026 MCP Security: Why Prompt Guardrails Aren't Enough → 8 March 2026 Why AI Agent Policies Must Be Deterministic, Not Probabilistic → 8 January 2026 Why Your Agent Shouldn't Know About Its Spending Limits → 16 December 2025 Know Your Agent (KYA): Cryptographic Identity for AI Agents → 7 December 2025 Non-Custodial Security: Why We Don't Want Your Keys → 5 December 2025 Under the Hood: How Two-Gate Enforcement Works → 3 December 2025 The Anatomy of a Wallet Drain: How One Logic Loop Cost $100k → 29 November 2025 The Binary Permissions Problem: Why Traditional Wallets Fail AI Agents → 28 November 2025 Multisig vs Policy Layers: Which Approach Secures AI Agents Better? → 27 November 2025 SOC 2 Compliance for AI Agents: Audit Trails, Access Controls & Monitoring → 25 November 2025 ERC-20 Approval Attacks: Why AI Agents Are the Perfect Target → 24 November 2025 Policy Enforcement Latency: Real-World Benchmarks → 20 November 2025 Custodial vs Non-Custodial: The Key Architecture Decision for AI Agent Wallets → 19 November 2025 PCI-DSS Compliance for AI Agents Making Autonomous Payments →

// HOW-TO GUIDES

23 May 2026 Stop Your GitHub MCP Agent From Force-Pushing to main → 23 May 2026 Blocking Outbound Exfiltration Through MCP Fetch and HTTP Tools → 23 May 2026 Namespace-Scope Your Kubernetes MCP Server From Production → 23 May 2026 Cap LLM Token Spend on MCP Agents: Cost-Scaled Limits Beyond Call Counts → 23 May 2026 Rotate MCP Credentials Across 30 Developers in One Click → 23 May 2026 Sandbox Your Shell-Exec MCP Server With Command Allowlists → 23 May 2026 Slack MCP Channel Allowlists: Stopping Agents Posting to #general → 19 May 2026 How to Safely Connect Claude Code to High-Risk Upstream MCP Servers → 12 April 2026 How to Safely Run AI Agents With Tool Access in Production → 16 March 2026 Your AI Agent Can Delete Your DNS Records → 16 March 2026 Your AI Agent Can Delete Every Container on Your Machine → 16 March 2026 Your Coding Agent Can Delete Any File on Disk → 16 March 2026 Your AI Agent Has Push Access to Every Repo → 16 March 2026 Your AI Agent Can Send Emails as You → 16 March 2026 Your AI Agent Can Run DROP TABLE on Production → 16 March 2026 One FLUSHALL Away From Losing Everything → 16 March 2026 Preventing Your AI Agent From Messaging #general → 16 March 2026 Secure Your Stripe MCP Server: Rate Limits and Spending Controls → 8 March 2026 How to Rate Limit MCP Tool Calls (With YAML Policy Examples) → 8 March 2026 How to Add Spending Controls to Any MCP Agent → 21 February 2026 One Command to Policy-Enforced Agents: Introducing the CLI Init Tool and MCP Server → 30 December 2025 x402 Policy Enforcement: How to Add Spending Limits to HTTP 402 Payments → 6 December 2025 AI Agent Kill Switch: Halt Fleet Spending in Seconds → 4 December 2025 Stablecoin Payroll: How to Automate Payouts without Risking the Vault → 1 December 2025 Coinbase SDK + PolicyLayer: The Ultimate Stack for Safe AI Agents → 30 November 2025 How to Set Spending Limits for LangChain Agents on Ethereum → 26 November 2025 How to Add Spending Limits to CrewAI Agents → 23 November 2025 How to Add Spending Limits to AutoGPT Agents → 22 November 2025 Securing Solana AI Agents: A Developer Guide → 21 November 2025 AI Agent Treasury Management: Per-Agent Budgets & Kill Switches → 18 November 2025 X402 Protocol Security: Stop AI Agents Draining Your Wallet → 17 November 2025 How to Prevent AI Agents from Draining Crypto Wallets →