Blog

Notes on AI agent security: permissions, approvals, audit trails, and what happens when tool execution needs governance.

May 24, 2026
Agents That Spend Money Change the Governance Problem
Cloudflare and Stripe launched a protocol letting AI agents create accounts, buy domains, and deploy to production autonomously.
agent-commercefinancial-controlsruntime-governancespending-limits
May 9, 2026
Tool-Based Access Control: The Missing Primitive for AI Agents
Role-Based Access Control was designed for humans inside static org charts; for AI agents, the granularity has to live at the tool, not at the role.
access controlai agentstool governancesecuritymcp
May 4, 2026
Containers Solve One Layer. Here's the Other One.
Tank OS puts OpenClaw agents in rootless containers. That's useful infrastructure, and a different layer of the problem than what produces the failures making news.
agent-securitypermissionsgovernanceautonomy