Kontext Blog
Kontext Blog: Practical, vendor-neutral guides on AI context, memory, retrieval, grounding, privacy, cost control, and production ops.
Practical writing on AI agents, authorization, MCP, privacy, and production security.
Latest posts
- Agent Intent - No One Knows What It Means, But It's Provocative
Runtime authorization should not pretend to verify agent intent. It should combine deterministic boundaries with real-time risk scoring, then escalate when an action is unsafe to allow.
- Announcing Kontext
Kontext gives your AI agents proper identity, scoped access, and audit trails. So they work in production, not just in demos. One SDK. One line. This starts at kontext.require().
- How to Keep a Secret: Why Personal AI Assistants Like OpenClaw Are a Security Nightmare
OpenClaw has taken over Twitter as an autonomous AI assistant that reads your emails, executes shell commands, and browses the web. From unauthenticated access to credential sprawl to prompt injection - here's a security analysis of what's broken and what we can do about it.
- The 5 Agent Security Failures Your IAM Stack Can't See
Your IAM stack can authenticate people—but it can't authorize what autonomous systems do on their behalf. Five failures that show up the moment your copilot becomes an agent, and what to do about them.
- The API Key is Dead: A Blueprint for Agent Identity in the age of MCP
How to move agents from static API keys to standards-based OAuth—covering MCP architecture, autonomy levels, escalation, federation, and enterprise needs.
- Should You Care About Prompt Injection? (Probably.)
Agents read untrusted content and turn it into actions. Sanitize → detect → enforce at tool boundaries to make that speed survivable.
- Read. Write. Own. Delegate.
The next great leap in the digital age isn't just about ownership—it's about intelligent delegation. Explore how autonomous agents can amplify our capabilities while maintaining our sovereignty.