Blog

Notes on AI agent security: permissions, approvals, audit trails, and what happens when tool execution needs governance.

May 9, 2026
Tool-Based Access Control: The Missing Primitive for AI Agents
Role-Based Access Control was designed for humans inside static org charts; for AI agents, the granularity has to live at the tool, not at the role.
access controlai agentstool governancesecuritymcp
May 4, 2026
Containers Solve One Layer. Here's the Other One.
Tank OS puts OpenClaw agents in rootless containers. That's useful infrastructure, and a different layer of the problem than what produces the failures making news.
agent-securitypermissionsgovernanceautonomy