openclaw-workspace/memory/2026-02-13.md

# 2026-02-13 - Daily Memory Log

## YouTube Summary: Zero Trust in the Age of Agentic AI

**Video:** https://youtu.be/d8d9EZHU7fw  
**Topic:** Cybersecurity - Securing AI Agent Systems with Zero Trust Principles

### Key Concepts

**Agentic AI Risks**
- AI agents that act (call APIs, buy things, move data, spawn sub-agents) introduce entirely new attack surfaces
- Non-Human Identities (NHIs) - software actors using credentials - proliferate rapidly and need same/more control than human users

**Core Zero Trust Principles**
- "Never trust, always verify" - verification precedes trust
- Just-in-time access vs. just-in-case (privilege only when needed)
- Principle of least privilege
- Move from perimeter-based security to pervasive controls throughout the system
- Assumption of breach (design assuming attackers are already inside)

**Attack Vectors on Agentic Systems**
1. Direct prompt injection - breaking context to make agents do unauthorized things
2. Policy/preference poisoning - manipulating training data or context
3. Interface insertion - hijacking MCP calls or tool interfaces
4. Credential attacks - stealing/copying NHI credentials to escalate privileges
5. Attacks on APIs, data sources, tools, and spawned sub-agents

**Zero Trust Solutions for AI**
- Unique dynamic credentials for every agent/user stored in vaults (never embedded in code)
- Tool registries with vetted/verified secure APIs only
- AI firewalls/gateways for prompt injection detection and blocking
- Continuous monitoring for data leaks and improper calls
- Just-in-time privilege enforcement with strong authentication

### Why It Matters
As AI agents become more autonomous and integrated into systems, traditional perimeter security fails. Zero Trust principles adapted for software actors (NHIs) and agent-to-agent interactions will become critical for securing AI-native infrastructure.

---

*Stored during pre-compaction flush*