Archive

Security

• What Are NVIDIA-Verified Agent Skills and How Are They Checked?

  May 26, 2026 · agent-governance · agent-skills · security · MCP

  NVIDIA described verified agent skills as cataloged, scanned, signed skills with machine-readable skill cards, including scanning with SkillSpector for agent-specific risks.

• What OAuth 2.1 Requirements Did MarkTechPost Attribute to MCP Authentication?

  May 26, 2026 · mcp · oauth · security · identity · agent-infrastructure

  MarkTechPost reported that MCP mandates OAuth 2.1 for protected HTTP deployments when authorization is implemented, including OAuth 2.1 with PKCE and related metadata and validation requirements.

• Researchers: small skill edits can subvert agents

  May 23, 2026 · security · prompt-injection · skill-registries · supply-chain

  The Register reports on a preprint describing semantic supply-chain attacks on AI agent skill registries.

• Proton Pass adds monitored credential sharing for agents

  May 23, 2026 · security · secrets · access-control · tooling

  Help Net Security reports Proton Pass introduced AI access tokens for scoped, logged sharing with AI agents.

• Identity security budgets shift to cover agent identities

  May 23, 2026 · identity · security · budgets · governance

  Dark Reading summarizes Omdia research on identity security for AI agents and related budgeting patterns.

• Microsoft introduces Rampart and Clarity red-team agents

  May 22, 2026 · security · red-teaming · enterprise-agents

  Microsoft launched two new AI agents, Rampart and Clarity, described as a “red team combo.”