🛡️

Evaluation & Guardrails

Eval harnesses, safety layers, and continuous quality monitoring.

34 articles

Learning Series Browse by Tag

Latest

Latest in Evaluation & Guardrails

No posts published in the last 14 days.

Fake MCP Servers Are Poisoning AI Coding Tools

MCP security

Security

Fake MCP Servers Are Poisoning AI Coding Tools

Fake MCP servers can manipulate AI coding assistants into unsafe changes. Learn how tool poisoning works and how to verify and lock down MCP access.

Tom Hundley

March 31, 2026

Read article

All recent

1/10

Auto-advancing

All posts

Security

9 of 9 parts

View series

MCP securityAI agent poisoning

Fake MCP Servers Are Poisoning AI Coding Tools

Fake MCP servers can manipulate AI coding assistants into unsafe changes. Learn how tool poisoning works and how to verify and lock down MCP access.

March 31, 2026

Read

github secrets leakedai coding tools security

29 Million GitHub Secrets: A Vibe Coder Wake-Up Call

GitGuardian found 28.65 million leaked secrets on GitHub in 2025. Here's how vibe coders accidentally expose credentials and how to fix it today.

March 31, 2026

Read

gitguardian 2026 reportai coding tools secret leaks

64% of Leaked Secrets Still Work Years Later — And Yours Might Be One of Them

GitGuardian reports 64% of secrets leaked in 2022 were still active in 2026. Learn how to find, revoke, and prevent exposed API keys.

March 29, 2026

Read

github actions securitygithub runner compromise

GitHub Runner Compromise Explained for Vibe Coders

Your GitHub runner holds the keys to your cloud accounts. Learn what a runner compromise means, why vibe coders are especially vulnerable, and how to lock down your deployment pipeline today.

March 28, 2026

Read

agent-to-agent attacksai agent security

Agent-to-Agent Attacks: How AI Tools Infect Each Other

Agent-to-agent attacks let one compromised AI tool influence others in your workflow. Learn the risks, warning signs, and practical defenses.

March 27, 2026

Read

OWASP LLM Top 10AI app security

OWASP LLM Top 10 for Vibe Coders

The OWASP LLM Top 10 maps the most common AI app security failures. Here's what vibe coders building with Cursor, Bolt, Replit, v0, and Lovable need to know—and fix—before shipping.

March 26, 2026

Read

meta ai agent incidentai agent security

Meta's Alleged Rogue AI Agent: What Vibe Coders Should Actually Learn

A reported Meta AI access-control failure offers a practical lesson for vibe coders: treat AI-generated auth, roles, and queries as security-critical code.

March 25, 2026

Read

ai agent securitycursor security

AI Agent Security for Vibe Coders

AI coding assistants can access more than you think. Learn how to lock down Cursor, Bolt, v0, and other tools before your next build session.

March 24, 2026

Read

git directory exposuredeployment credentials leaked

252K Servers Leak Deployment Credentials via Exposed .git Folders

Exposed .git folders can leak repo URLs and embedded tokens. Learn how to check your site, block access, and rotate compromised credentials fast.

March 23, 2026

Read

mcp oauth implementationmcp security enterprise

MCP OAuth 2.1 Implementation: Token Lifecycle Patterns for Production Agent Systems

Learn practical OAuth 2.1 token lifecycle patterns for MCP agent systems, including rotation, delegation, DPoP, and enterprise IdP integration.

March 26, 2026

Read

Showing 1 to 10 of 34 results

Ready to Transform Your Business?

Get practical AI insights delivered to your inbox or schedule a consultation to discuss your AI strategy.

Executive Programs Contact Us