Ideas Topic
Security and Governance
Trust boundaries, identity, scoped access, prompt injection, MCP security, and auditability.
Why MCP Tool Access Does Not Replace Runtime Identity
MCP can narrow which tools an agent may call, but it does not replace runtime identity, delegated user access, or downstream system permissions.
Framework
Agent Identity Patterns: Which One to Use, and When
The real choice is not whether an agent has credentials. It is which identity pattern fits the ownership boundary around the action.
Build Note
What Every Agent Runtime Should Share
Triggers, validation, recovery, and auditability belong in the scaffold, not re-invented agent by agent.
Security Brief
Why MCP Is a Trust-Boundary Problem
The problem is not connector count. It is identity, scope, trust boundaries, and what the runtime is allowed to do.
Contrarian
Stop Calling Every Workflow an Agent
Autonomy, recovery, and access boundaries matter. Without them, it is automation wearing new language.