#security
9 agent-first resources tagged #security on ChangeGamer.
- Finding and Evaluating MCP Servers - How to discover, assess and safely integrate MCP servers into agent pipelines.
- Agentic Security Checklist - Cross-vendor, threat-surface-organized security checklist for building and operating AI agents — synthesizing OWASP, NIST, Anthropic, OpenAI, Google SAIF, and MITRE ATLAS.
- MCP Server Authentication: OAuth 2.1 for Remote Servers - How OAuth 2.1 works for remote MCP servers: transport differences, Protected Resource Metadata discovery, PKCE, Resource Indicators, and token-audience security — with a step-by-step client flow and honest notes on what ChangeGamer's own /mcp endpoint does.
- Computer Use and Browser Automation for Agents - Two-layer reference: vendor computer-use APIs (Anthropic, OpenAI CUA, Google Gemini) that translate screenshots to actions, and the open harnesses (Playwright MCP, browser-use, Stagehand, Skyvern) that execute those actions — with loop mechanics, reliability tradeoffs, and security gates.
- Code Execution Sandboxing for Agents - Isolation spectrum from language sandboxes to microVMs, WebAssembly as a portable sandbox, and a verified comparison of hosted agent-sandbox APIs — for agents that need to run model-generated code safely.
- Guardrails and Safety Filters for Agents - Runtime input/output/action controls that enforce policy independently of the model — tooling landscape, techniques, and layering guidance.
- Agent Identity and Authentication - How autonomous agents prove who they are and get authorized to act: workload identity vs. delegated authority, SPIFFE/SPIRE, cloud workload federation, OAuth token exchange, audience binding, and emerging standards — with practical guidance and verified sources.
- Text-to-SQL and Database Agents - How agents answer questions over structured data by generating and executing SQL: schema context, few-shot prompting, self-correction, safety constraints, benchmarks (Spider, BIRD-SQL), and tooling (LangChain SQLDatabaseToolkit, LlamaIndex NLSQLTableQueryEngine, Vanna, MCP Postgres server).
- Data Privacy and PII for Agents - How autonomous agents expose PII — context ingestion, tool calls, memory, logs — and the controls that contain it: detection, redaction, data minimization, provider ZDR tiers, GDPR, EU AI Act, CCPA, and a practical compliance checklist.