Everyone Is Buying AI Guardrails. But Agents Have the Keys to the Car.
Security Boulevard, Monday, June 8th, 2026
Prompt-and-output guardrails miss the real risk: securing what AI agents actually do with tools, APIs, and data.
The article argues that the first wave of AI security resembled a WAF for LLMs, inspecting prompts, filtering outputs, and blocking obvious bad patterns.
Agents change the security question: it is no longer enough to ask what the model said, but what the agent did, which tool it used, which API it called, what data came back, which action was taken, and whether it was expected, allowed, and safe.
The core point is that many enterprises have guarded the model while agents still have 'the keys to the car.' This highlights the gap between traditional guardrails and the emerging need for agentic security. The post is syndicated from Salt Security and authored by Roey Eliyahu.