The Infrastructure Gap: Why Platform Security Cannot Protect Against Agentic Attacks
17 Pages Posted: 8 Jan 2026
Date Written: December 15, 2025
Abstract
The November 2025 disclosure by Anthropic of a state-sponsored cyber espionage campaign that used Claude Code as an autonomous attack orchestrator has sparked significant debate in both the AI and cybersecurity communities. While controversy persists over the degree of automation achieved, with estimates of autonomous execution ranging from 50% to 90%, the incident reveals a fundamental architectural gap in how autonomous agents interact with target systems. It also highlights the accelerating need for interoperable identity and trust mechanisms aligned with the global governance frameworks emerging from the G7 Hiroshima AI Process, OECD.AI, NIST, and ISO/IEC 42001. This paper proposes a comprehensive framework for agent identity and trust infrastructure that combines traditional verification mechanisms (KYC/AML checks, credit scoring, behavioural monitoring) with novel components, including immutable permission boundaries and dynamic trust scoring. We argue that effective agent infrastructure must provide complete trust chains from developer through to counterparty and must enforce constraints that limit damage regardless of how sophisticated the compromise is. Critically, this infrastructure must be independently verifiable through a decentralised architecture while remaining simple for developers and enterprises to adopt, via adoption journeys that hide that complexity from the adopter.
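The abstract's central claim is that the constraint has to live outside the agent: a permission boundary fixed at issuance, bound to an identity chain, and enforced at the tool layer, with a trust score that tightens as the agent misbehaves. The following is an added illustration of that pattern and is not code from the paper or from any vendor; the credential and gate names, the capability vocabulary, the HMAC-based issuer check and the penalty/revocation values are all assumptions chosen for the example.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple

# Hypothetical issuer key held by the trust infrastructure, never by the agent.
ISSUER_KEY = b"issuer-secret-for-illustration-only"


@dataclass(frozen=True)
class AgentCredential:
    """Immutable permission boundary bound to an identity chain.

    Chain (developer -> operator -> agent), capability set and blast-radius
    cap are fixed at issuance and authenticated with an HMAC, so an agent
    that is fully hijacked still cannot widen its own scope.
    """
    agent_id: str
    chain: Tuple[str, ...]
    capabilities: FrozenSet[str]
    max_actions: int
    tag: bytes

    @staticmethod
    def _payload(agent_id, chain, capabilities, max_actions) -> bytes:
        return json.dumps(
            {"agent_id": agent_id, "chain": list(chain),
             "capabilities": sorted(capabilities), "max_actions": max_actions},
            sort_keys=True, separators=(",", ":")).encode()

    @classmethod
    def issue(cls, agent_id, chain, capabilities, max_actions):
        payload = cls._payload(agent_id, chain, capabilities, max_actions)
        tag = hmac.new(ISSUER_KEY, payload, hashlib.sha256).digest()
        return cls(agent_id, tuple(chain), frozenset(capabilities), max_actions, tag)

    def is_authentic(self) -> bool:
        payload = self._payload(self.agent_id, self.chain, self.capabilities, self.max_actions)
        expected = hmac.new(ISSUER_KEY, payload, hashlib.sha256).digest()
        return hmac.compare_digest(expected, self.tag)


class PolicyGate:
    """Enforcement point between the agent and its tools (assumed design).

    Every tool call passes through here. A request outside the boundary is
    denied and lowers a dynamic trust score; below the threshold the agent
    is revoked for the session no matter what it asks for next. Counters
    and scores live in the gate, not in the agent, so prompt-level
    manipulation cannot reset them.
    """
    PENALTY = 0.3        # trust lost per out-of-boundary request
    REVOKE_BELOW = 0.5   # session revoked once trust falls under this

    def __init__(self, cred: AgentCredential):
        if not cred.is_authentic():
            raise ValueError("credential failed issuer verification")
        self.cred = cred
        self.trust = 1.0
        self.actions = 0
        self.revoked = False
        self.log: List[Tuple[str, str, str]] = []

    def authorize(self, capability: str) -> bool:
        if self.revoked:
            ok, reason = False, "revoked"
        elif self.actions >= self.cred.max_actions:
            ok, reason = False, "blast-radius cap reached"
        elif capability not in self.cred.capabilities:
            ok, reason = False, "outside immutable boundary"
            self.trust = round(self.trust - self.PENALTY, 2)
            if self.trust < self.REVOKE_BELOW:
                self.revoked = True
        else:
            ok, reason = True, "ok"
            self.actions += 1
        self.log.append((capability, "ALLOW" if ok else "DENY", reason))
        return ok


def simulate_compromised_session() -> List[Tuple[str, str, str]]:
    """Constructed session: a repo-scoped agent hijacked into attempting
    shell execution and exfiltration to an attacker-controlled host."""
    cred = AgentCredential.issue(
        agent_id="agent:a1",
        chain=("dev:acme", "op:acme-prod", "agent:a1"),
        capabilities={"read:repo", "net:github.com"},
        max_actions=10,
    )
    gate = PolicyGate(cred)
    for cap in ["read:repo", "net:github.com", "exec:shell",
                "net:attacker.example", "read:repo"]:
        gate.authorize(cap)
    return gate.log


def tampered_credential_rejected() -> bool:
    """A credential whose capability set was widened after issuance (same
    tag, extra capability) must fail verification at the gate."""
    cred = AgentCredential.issue("agent:a1", ("dev:acme", "agent:a1"), {"read:repo"}, 5)
    forged = AgentCredential(cred.agent_id, cred.chain,
                             cred.capabilities | {"exec:shell"}, cred.max_actions, cred.tag)
    return not forged.is_authentic()


if __name__ == "__main__":
    for entry in simulate_compromised_session():
        print(entry)
    print("forged credential rejected:", tampered_credential_rejected())
```

In the constructed session the two in-scope calls are allowed, the two out-of-scope calls are denied and drop the trust score from 1.0 to 0.4, and the final in-scope call is refused because the session has been revoked: the agent's level of autonomy, or the attacker's sophistication in steering it, never enters the decision. The widened credential is rejected because the issuer tag no longer matches, which is what "immutable" has to mean in practice: the boundary is verifiable by the enforcement point, not merely declared by the agent.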
Keywords: AI Agent Security, Agent Identity, Trust Infrastructure, Autonomous Systems, Behavioural Monitoring, Blockchain Verification, AI Governance, Smart Policy