Lemma Critical Brief · Pillar archive

Pillar 03 Agent Authority Proof

The layer that records and proves the delegation relationships of agents.

7 Briefs
No. 029 · 2026-06-06

One-Click GitHub OAuth Token Theft via github.dev

The Webview Trusted Synthetic Events, and the Token Was Not Scoped to the Repo

Agent Infrastructure Identity & Auth Brief →
No. 025 · 2026-06-05

MCP Design: Config-to-Command Execution and Supply-Chain-Scale RCE

In April 2026, OX Security disclosed that Anthropic's Model Context Protocol (MCP) official SDK contains a design-level issue in which confi…

Agent Infrastructure Identity & Auth Code Provenance Brief →
No. 026 · 2026-06-05

Adaptive AI Worm

Runtime Exploit Synthesis as a Threat Model

Agent Runaway Agent Infrastructure Identity & Auth Brief →
No. 027 · 2026-06-05

LibreChat CVE-2026-32625

User-Supplied MCP Server URLs as an Exfiltration Channel for Server Secrets

Agent Infrastructure Identity & Auth Brief →
No. 009 · 2026-05-31

GTG-1002

The First Reported AI-Orchestrated Espionage Campaign Where the Agent Executed 80–90% Autonomously, and Agent Authority Was Never Independently Verified

Agent Runaway Identity & Auth Brief →
No. 003 · 2026-05-30

Starlette CVE-2026-48710 (BadHost)

MCP Server Authentication Bypass via HTTP Host Header Manipulation

Agent Infrastructure Identity & Auth Brief →
No. 007 · 2026-05-30

Cursor + Claude Opus 4.6 Wiped PocketOS Production DB in 9 Seconds

The Unverified Destructive Authority of AI Coding Agents

Agent Runaway Identity & Auth Brief →