Coverage · threat model

Agents change the threat model

Multiple articles emphasize the same point: an AI assistant that can run tools, touch files, and act on your behalf isn’t “just chat” anymore. That changes what safe defaults should look like.

Why it's different

  • More integrations = more credentials = larger blast radius.
  • Automation makes mistakes faster (and at scale).
  • Untrusted input (chat/groups/issues) can steer actions.

Practical checklist

1
Don't expose panels
Networking hardening →
2
Lock down access
Access control →
3
Protect secrets
Secrets hygiene →
Run AutoCheck → 15‑minute manual baseline →

Sources

Back to incidents →