The Prompt Injection That Copies Itself
A prompt injection doesn’t have to act to be dangerous. It can hide, copy itself, and spread agent to agent. Why AI security is an epidemiology problem, and how to respond.
MCP-Airlock Is Now Trentina: The 1377 Quarantine That Inspired Our Rename
MCP-Airlock is becoming Trentina, named after the 1377 quarantine system of Ragusa that inspired its architecture. Same three-layer defense, same gateway, better name.
MCP-Airlock: An Open Source Defense Against Prompt Injection in AI Agents
Update (June 2026): MCP-Airlock has been renamed to Trentina. The project has grown from a web content sanitizer into a full MCP gateway with per-consumer profiles, tool allowlists, and parameter-level access controls. The new name reflects that expanded scope and avoids a naming collision with another MCP gateway project. The architecture described in this
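The per-consumer profiles, tool allowlists and parameter-level access controls named in the update above are the core of what an MCP gateway enforces on each `tools/call` request before forwarding it upstream. The block below is an added illustrative example written for this page; it is not Trentina's code or configuration. The profile schema (`allow_tools`, `param_rules`, `prefix`, `max_len`, `deny_regex`), the consumer and tool names, and the `evaluate` function are all assumptions made for the demonstration. The check is default-deny: an unknown consumer, a tool outside the allowlist, or an argument the profile does not list is rejected, and listed arguments are validated individually.

```python
"""Illustrative MCP gateway policy check (example code, not Trentina's).

A per-consumer profile names the tools a consumer may call and, per tool,
which arguments are permitted and how each one is constrained. The gateway
evaluates a parsed JSON-RPC `tools/call` request against that profile.
"""
import json
import re

# Constructed sample profiles. The schema used here is an assumption made for
# this example; it is not Trentina's configuration format.
PROFILES = {
    "ci-bot": {
        "allow_tools": {"read_file", "search_code"},
        "param_rules": {
            "read_file": {"path": {"prefix": ["/workspace/"]}},
            # An empty rule permits the argument without constraining its value.
            "search_code": {"query": {"max_len": 200}, "limit": {}},
        },
    },
    "support-agent": {
        "allow_tools": {"search_code"},
        "param_rules": {
            "search_code": {
                "query": {"max_len": 100, "deny_regex": r"(?i)password|secret"},
            },
        },
    },
}


def _check_param(name, value, rule):
    """Return the list of violations for one argument against its rule."""
    problems = []
    if "prefix" in rule:
        if not isinstance(value, str) or not any(
            value.startswith(p) for p in rule["prefix"]
        ):
            problems.append(f"{name}: must start with one of {rule['prefix']}")
        elif ".." in value.split("/"):
            # A permitted prefix is not enough: refuse traversal components.
            problems.append(f"{name}: path traversal component")
    if "max_len" in rule and isinstance(value, str) and len(value) > rule["max_len"]:
        problems.append(f"{name}: longer than {rule['max_len']} chars")
    if "deny_regex" in rule and isinstance(value, str) and re.search(rule["deny_regex"], value):
        problems.append(f"{name}: matches denied pattern")
    return problems


def evaluate(consumer, request):
    """Decide whether `consumer` may forward `request` (a parsed JSON-RPC dict).

    Returns (allowed, reasons). Default-deny: unknown consumer, non-tools/call
    method, tool outside the allowlist, or any argument the profile does not
    list for that tool is rejected.
    """
    profile = PROFILES.get(consumer)
    if profile is None:
        return False, ["unknown consumer"]
    if request.get("method") != "tools/call":
        return False, ["only tools/call is policed here"]
    params = request.get("params") or {}
    tool = params.get("name")
    args = params.get("arguments") or {}
    if tool not in profile["allow_tools"]:
        return False, [f"tool {tool!r} not in allowlist"]
    rules = profile["param_rules"].get(tool, {})
    reasons = []
    for pname, value in args.items():
        if pname not in rules:
            reasons.append(f"{pname}: argument not permitted for {tool}")
            continue
        reasons.extend(_check_param(pname, value, rules[pname]))
    return (not reasons), reasons


def evaluate_raw(consumer, raw_json):
    """Convenience wrapper for the wire form: parse, then evaluate."""
    try:
        request = json.loads(raw_json)
    except ValueError:
        return False, ["malformed JSON-RPC request"]
    return evaluate(consumer, request)


if __name__ == "__main__":
    # Constructed sample requests in MCP's JSON-RPC tools/call shape.
    samples = [
        ("ci-bot", '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"read_file","arguments":{"path":"/workspace/src/main.py"}}}'),
        ("ci-bot", '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"read_file","arguments":{"path":"/workspace/../etc/passwd"}}}'),
        ("support-agent", '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"search_code","arguments":{"query":"rotate the admin password"}}}'),
    ]
    for consumer, raw in samples:
        print(consumer, evaluate_raw(consumer, raw))
```

Each argument a consumer may pass has to be listed explicitly, even with an empty rule, so a tool gaining a new parameter upstream is not silently exposed to every consumer that already had the tool allowlisted.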