Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps

RSAC 2026 shipped five agent identity frameworks this week. Three critical gaps remained open across all of them. We closed two.

What RSAC showed us

Every major security vendor had an agent identity story. Cisco shipped agent governance. Cr…


This content originally appeared on DEV Community and was authored by Lars

RSAC 2026 shipped five agent identity frameworks this week. Three critical gaps remained open across all of them. We closed two.

What RSAC showed us

Every major security vendor had an agent identity story. Cisco shipped agent governance. CrowdStrike announced AI agent monitoring. Microsoft extended Entra to non-human identities. Palo Alto demoed runtime agent controls.

Then CrowdStrike's CEO disclosed two Fortune 50 agent-initiated incidents — both discovered by accident. Censys showed 500,000 publicly exposed OpenClaw instances. The pattern: the industry can verify who an agent is. Nobody was tracking what the agent actually did.

Gap 2 — Delegation without verification

A 100-agent swarm runs a deployment pipeline. Agent 12 makes the commit. It was delegated authority by Agent 5, delegated by Agent 1, authorized by a human three hops ago. Can you verify that chain cryptographically? No OAuth, SAML, or MCP has a delegation primitive for agent-to-agent.

MolTrust fix: verifyDelegationChain() — checks AAE delegation depth on-chain, max_depth enforcement, constraint inheritance.

const result = await verifier.verifyDelegationChain([
  "did:moltrust:orchestrator",
  "did:moltrust:worker-a",
  "did:moltrust:worker-b",
]);
// -> { valid: true, invalidAt: null, maxDepthExceeded: false }

Gap 3 — Ghost agents

Pilot ends. Team moves on. Agent keeps running. Credentials still valid.

MolTrust fix: Automatic ghost_agent flag after 30 days inactivity. Trust score penalty: -5 at 30d, -10 at 60d, -20 at 90d. /agents/inactive endpoint for operators.

{
  "did": "did:moltrust:ambassador0001",
  "trust_score": 75.0,
  "flags": ["ghost_agent"],
  "last_active": "39 days ago",
  "inactivity_penalty": -5
}

Gap 1 — Policy self-modification (open)

An authorized agent modifies the policy governing its own behavior. Every identity check passes. Nobody detects it. This needs an endpoint sensor / kinetic layer we don't have.

RFC open on GitHub: MoltyCel/moltrust-api#8 — looking for collaborators.

The scorecard

Gap Cisco CrowdStrike Microsoft Palo Alto MolTrust
Delegation Chain OPEN OPEN OPEN OPEN CLOSED
Ghost Agents OPEN OPEN OPEN OPEN CLOSED
Policy Self-Mod OPEN partial OPEN OPEN OPEN

Two out of three. The third needs a different kind of partner.

GitHub: MoltyCel/moltrust-api
npm: @moltrust/verify
Protocol WP v0.6.1: moltrust.ch/whitepaper
Gap 1 collaboration: security@moltrust.ch


This content originally appeared on DEV Community and was authored by Lars


Print Share Comment Cite Upload Translate Updates
APA

Lars | Sciencx (2026-04-01T10:06:12+00:00) Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps. Retrieved from https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/

MLA
" » Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps." Lars | Sciencx - Wednesday April 1, 2026, https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/
HARVARD
Lars | Sciencx Wednesday April 1, 2026 » Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps., viewed ,<https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/>
VANCOUVER
Lars | Sciencx - » Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/
CHICAGO
" » Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps." Lars | Sciencx - Accessed . https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/
IEEE
" » Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps." Lars | Sciencx [Online]. Available: https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/. [Accessed: ]
rf:citation
» Two of Three: MolTrust Closes RSAC 2026’s Open Agent Security Gaps | Lars | Sciencx | https://www.scien.cx/2026/04/01/two-of-three-moltrust-closes-rsac-2026s-open-agent-security-gaps/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.