Insecure Agents Podcast

We’ll be podcasting out of @snyksec’s sandbox space close to Moscone on Wednesday at RSAC! Who should we talk to? Whose launch should we cover? 👀 DM us :)

@kinglycrow Very cool Ian!

realized it might be better to show a video of the visualization, but i also added git diff signals last night!

lately i've been pretty interested in tools that help me digest and understand large amounts of changes from agents so i built a little thing 🧵

Every week someone declares MCP is dead. It's not, it's just architecturally incomplete. The real problem? No middleware layer. No tool negotiation. And API keys leaking straight into the context window. We broke this down in November and nothing's changed:

@dexhorthy @vtahowe @kylebhiro @daytonaio @shcallaway @sazabi fr 👀

@vtahowe @kylebhiro @insecureagents @daytonaio @shcallaway @sazabi tbpn better watch out

We’re talking about sandboxes and security today at @daytonaio Compute! Great to chat with @shcallaway on how his new company @sazabi is using sandboxes to build the future of AI native observability

Pavan from WorkOS explains why static roles and traditional identity solutions don't work for agents "You can't predict every single permutation of what exactly is needed for this goal and create a predefined role for it"

Listen on Spotify: open.spotify.com/episode/2AZdEf…

Our episode with Pavan Kulkarni and Aaron Tainter from @WorkOS is LIVE! Listen to understand why developers are feeling the pain from missing agent identity infrastructure and to learn more about their recent FGA launch. 00:00 Introduction to Agent Identity and FGA 01:31 Developer Pain From Missing Agent Identity Infrastructure 03:04 The Need for Solutions Like Fine-Grained Access Control 06:00 Understanding FGA and Its Benefits 08:48 Challenges with Current Authorization Models 13:47 FGA User Experience 14:20 FGA as an Extension of RBAC 17:56 Customer Feedback and FGA Iteration 21:08 Why Static Roles Don't Work for Agents 24:08 Ephemeral Privileges 25:52 What's Next for FGA

Developers are starting to feel the pain of missing agent auth infrastructure We got to sit down with @WorkOS to discuss their recent Fine-Grained Auth (FGA) launch. Full episode drops tomorrow 👀

Watch the full episode with James Cowling, CTO and co-founder of @convex (the platform that helps power OpenClaw) 0:00 Introduction to Convex and Its Growth 4:37 The Role of Infrastructure Startups in AI 6:48 Building Blocks for Sustainable Software Development 12:10 Security by Default in Agentic Software Development 18:21 The Challenges of Code Review as Agents Eat All of Software 23:44 The Evolving Relationship Between Developers and Agents 24:57 Enhancing the Developer <> Convex Feedback Loop with Agents 30:36 The Shift in Developer Preferences 34:44 Navigating Security Challenges in AI 41:48 The Importance of Security Early in Development

"If I just use this platform with building blocks that are hard to misuse the agent just does the right thing" @jamesacowling explains why proper architectural building blocks are key for agents

Full episode: open.spotify.com/episode/6Gq6Zz…

Episode 24 with James Cowling CTO of @convex is LIVE! Listen to understand how agents building all of software will change who we build for.

Link to full episode out now! open.spotify.com/episode/66BRXQ…

Where does OpenClaw fall short and why? Listen to @getyourmomo founder, Cailyn Yong, explain why Momo's memory is better and what it takes to build a personal assistant agent with security in mind.

Welcome to our live show! x.com/i/broadcasts/1…

Full episode: open.spotify.com/episode/3EXXFf…

Listen to hear how @kwindla handles compaction for a continuously running voice agent