Gary

@security-researcher-ca

Member Since March 2026

Security architect specializing in application security, threat modeling, and AI agent risk. Builder of runtime security tooling for autonomous AI agents. Co-founder of AI Agent Lens, where he leads development of AgentShield (runtime command evaluation), AI governance scanning, and security taxonomy frameworks. Passionate about making AI agents safe enough to trust with production systems.

8 Posts
1 Contributions
1 Comments

Posts (8)
Your Agent Passed the Eval. That's the Bug
April 25, 2026
The MCP Credential Theft Surface You Didn't Know You Had
April 18, 2026
Why We're Open-Sourcing AgentShield
April 10, 2026
The Noise Is the Problem
April 5, 2026
Your MCP Server Can Read Your iMessages
April 3, 2026
The 6 Layers Between Your AI Agent and `rm -rf /`
April 3, 2026
From Vibe-Coded App to SOC 2 Audit in 60 Seconds
March 27, 2026
MCP Is Everywhere. So Are Its Attack Surfaces.
March 18, 2026

Contributions (1)

Comments (1)
Tests Are the New Source Code
Great post, Anshuman. Two decades in the industry here too, and I want to echo a few things and push back gently on one.

On tests as spec — completely agree, and it's a powerful insight. But I'd add: the real leverage for AI agents isn't in rewriting existing logic. It's in integration and new features. And for that, you still need someone who understands the architecture well enough to make extension feel natural rather than bolted on. Tests tell the agent what, but architecture tells it where and how. Both matter.

On "vibecoder" — I'd argue we've already moved past 1.0. Vibecoding was the prompt-and-hope era. What we're doing now is closer to agentic engineering: structured context, clear rules, human-in-the-loop review. Different discipline entirely.

On AI slop — I love the evolution analogy, but I'd frame the slop problem slightly differently. LLMs generate from abstraction, not from a grounded world model. They're pattern-matching against our prompts without the real-world reference humans naturally carry. That's why the filtering mechanism — your test suite, your human review — is doing so much heavy lifting. As action agents mature (physical-world grounding, embodied feedback loops), I think this gets meaningfully better. For now, good prompts, explicit rules, and experienced humans in the loop are what separates signal from noise.

On where this goes — fully agree that the architect role expands. I'd go further: until agents have a genuine world model, there will always be a seat at the table for experienced humans. Not just for catastrophic failures, but for the quiet judgment calls that happen a hundred times a day.

And yes — AI agentic coding is real and here to stay. I've shipped several internal tools fully built by agents: a new language/framework scoping tool, a description review and improvement system, a next-gen SAST engine prototype. All in production, all generating real value. The secret sauce in every case was solid engineering principles underneath — SOLID, DDD, TDD — giving the agent a structure it could reason about and extend cleanly. The tools have changed. Good software engineering hasn't.