OMOleg Mukhininolegmukh.in·Mar 20 · 5 min read40 Threat Scenarios for MCP, A2A and AG-UILast week I published the Open Agent Threat Format (OATF) specification, a YAML-based format for describing and reproducing attacks against AI agents. Today I'm releasing the companion to that specifi00
OMOleg Mukhininolegmukh.in·Mar 12 · 7 min readDepth vs breadth: the two kinds of AI agent security testingGartner predicts up to 40% of enterprise apps will feature AI agents by end of 2026, up from less than 5% in 2025. That could sharply expand the agent attack surface in a single year. And there is no 00
OMOleg Mukhininolegmukh.in·Feb 13 · 9 min readA Declarative Schema for MCP Attacks: Why We Need OneThere are over 17,000 public MCP servers and there is no standardised way to test whether an AI agent can survive a malicious one. We have benchmarks for model safety. We have static analysis for tool00