A new ThirdKey Research preprint on steganographic exfiltration in embedding stores, and a cryptographic provenance defense.

Why prompt-based safety degrades under the same pressures as human working memory, and what to build instead.

Introducing ToolClad: Declarative Tool Interface Contracts for Agentic Runtimes

Every agent framework has a loop. Call the LLM, parse the tool calls, execute them, feed the results back. ReAct, AutoGPT, LangGraph, CrewAI — the shape is always the same. What differs is what happens when things go wrong, and more importantly, what can’t happen at all.

Symbiont v1.4.0 is here. This release adds four major capabilities to the agent runtime: persistent agent memory, cryptographic webhook verification, automated skill scanning, and metrics telemetry. Together, they close the gap between “agent that runs” and “agent you can trust in production.”

AI agents are increasingly acting on our behalf — reading email, writing code, managing infrastructure, negotiating with other agents. But there’s a fundamental gap in this ecosystem: when an agent claims to be “Scout v2 from Tarnover LLC,” how does anyone verify that claim?