blog
Writing on runtime security for AI agent commerce. Threat models, red team findings, methodology.
- 2026-04-21
Anatomy of a guardrail bypass (draft)
A walkthrough of a real finding from the v1 red team: how an attacker class defeated the keyword engine and what the v2 semantic layer does differently.
- 2026-04-15
Threat model: agent commerce
Threat actors, security primitives, and STRIDE coverage for the agentic-commerce layer pop-pay defends.
- 2026-04-15
Red-team methodology (overview)
How pop-pay is tested under adversarial pressure: the corpus framework, scoring semantics, and reproducible harness.
- 2026-04-15
Vault cryptography
AES-256-GCM at rest, scrypt with compiled-salt hardening, downgrade defense, and the active-attack matrix for the credential vault.
- 2026-04-14
Why we built pop-pay (draft)
The story behind point-one-percent: why static spending caps don't protect against hallucination loops, and why we made card extraction structurally impossible instead of policy-impossible.