Agentic AI Security
Securing an Autonomous Agent Pipeline in Government
Security review of a multi-agent automation pipeline handling citizen-service workflows.
Client profile
A government agency piloting a multi-agent pipeline to triage and action citizen-service requests across several internal systems.
The challenge
Autonomous agents were coordinating through an MCP-integrated toolchain with access to multiple back-end systems. The agency needed to understand how the agents could be manipulated and how far an attacker could pivot if one agent were compromised.
What we did
- Charted every agent, tool, and MCP server, and the trust between them.
- Executed agentic workflow injection against multi-step decision points.
- Reviewed MCP server exposure and the data each tool could reach.
- Modelled blast radius for a compromised agent.
What we found
- An injected instruction in one agent's input could redirect a downstream agent's actions.
- Several tools were exposed to agents that never needed them.
- Human-oversight checkpoints were missing on higher-impact actions.
The outcome
The agency adopted least-privilege agent and tool design, added oversight checkpoints on high-impact actions, and established guardrails for safe autonomy. Re-testing confirmed the blast radius was materially reduced.
Independent, ANZ-native, and genuinely fluent in both AI and regulation. The roadmap was something our board could act on.
Related case studies
Book a Free 60-Minute Briefing
A scoping discussion and threat-landscape overview with our ANZ specialists. No sales pressure.
Book a Briefing