tate@programs ~/services/mcp-agent-security-proof public readback / policy evidence / re-check

MCP security / runtime evidence / proof packet

Outside proof for teams shipping agent-tool security.

A fixed-scope packet for MCP, agent-tool, and runtime-security teams that need a buyer, partner, or judge to see exactly what the agent was allowed to read, write, call, send, and spend, and which actions were denied or escalated.

packet: $750
partner support: $2.5k+
default: public only
updated: May 2026

Fixed scope

A security claim only sells when the evidence is inspectable.

This packet is built for teams launching MCP security products, agent-tool gateways, policy layers, marketplace skills, enterprise copilots, or demos where the risk is tool access, private data, write actions, payment actions, and auditability.

Partner support

$2,500+

White-label or subcontract support for security studios, MCP vendors, and agencies that need independent proof packets across a launch, client example, or small portfolio.


Boundary: strict

No credential use, no login, no private endpoint guessing, no destructive testing, no paid call, no wallet signature, and no customer environment testing without written authorization.


practical read

The trust layer has to be visible before the demo meets a buyer.

Agent teams are moving from chat demos into workflows that touch private files, SaaS APIs, MCP servers, payment flows, browsers, databases, and other agents. That creates a different launch bar. A useful demo is not enough if the reviewer cannot see the boundaries.

Current enterprise agent launches point at the same gap: agent security, MCP governance, access control, auditability, and deployable enterprise workflows. The interesting part is not the phrase "agent security." It is the evidence buyers, partners, and judges can inspect.

What an evidence pack should show

  • What prompt-injection and exfiltration drills were run.
  • Which policy rule matched the risky step.
  • Whether the action was allowed, denied, rate-limited, quarantined, or sent to human review.
  • Which tool scope was active: read, write, network, filesystem, payment, or destructive action.
  • What the agent claimed it intended to do versus what the policy layer detected.
  • Which audit event proves the decision after the demo is over.

A2A makes identity part of security

The Agent2Agent project frames A2A around agent discovery, capability declaration, task collaboration, and secure interoperability. That means an agent-security review should not stop at prompt text. It should also ask: who is this agent, what skills does it declare, what provider owns it, and what authentication is expected before another agent delegates work to it?

Gemini belongs in the test loop, not in the leak path

Gemini and AI Studio are useful for generating adversarial drill cases, summarizing evidence, and testing long-context agent workflows. The operational mistake is putting a model key where the browser bundle, a screenshot, or a public repo can expose it. A safe demo uses AI Studio directly or keeps API keys behind a server-side route.

Policy without audit is hard to sell

A policy rule that blocks a bad action is useful during the demo. An audit event that explains the block is useful after the demo. The second part is what makes the difference for regulated workflows, enterprise buyers, and judges looking for measurable risk reduction.

The small workflow that helps most

  1. Load the project or paste the architecture notes.
  2. Run prompt-injection, exfiltration, tool-boundary, and human-review checks.
  3. Generate the fix queue.
  4. Export a policy starter, A2A Agent Card, audit schema, and Gemini drill prompt.
  5. Keep the evidence pack with the submission or buyer handoff.

Why I built the drill kit

Agent Security Drill Kit is a browser-only version of that workflow. It is intentionally local, because early-stage teams should be able to inspect a project without uploading source code to a third-party scanner. The paid proof packet adds a private outside readback, patch order, and re-check for launches that need the result to stand up in front of customers or partners.

open https://tateprograms.com/agent-security-drill.html

source trail

Signals this page tracks.

techex

Agent Security & AI Governance

Current enterprise-agent launch tracks center security on guardrails, observability, access control, audit, and red-team tooling.


trust3

MCP governance

Trust3's MCP Security launch frames the buyer pressure clearly: verified connections, tightly scoped permissions, and auditable sessions.


a2a

Agent identity

The A2A project describes agent discovery, capability negotiation, task collaboration, and security expectations between independent agents.


cosai

MCP taxonomy

CoSAI's MCP security taxonomy gives teams a shared language for tool poisoning, excessive permissions, confused-deputy flows, and audit requirements.


gemini

Model testing

Google's Gemini API and AI Studio docs are the integration path for teams using Gemini in agent workflows and test generation.
