The Lethal Trifecta Is Already on Your Developers' Laptops
Official Schedule Context
- Date/time: 2026-07-01 · 11:10am-11:30am
- Track/room: track TBD · Expo Stage 3 SW
- Speaker(s): Michael Patterson
- Session type/status: session · confirmed
Official Description
The lethal trifecta: an AI agent with access to private data, exposure to untrusted content, and the
ability to communicate externally. Combine all three and an attacker can trick your agent into
exfiltrating anything it can see and there is no prompt-level fix.. Most enterprises have already
deployed this pattern at scale: Claude Code, Cursor, and Copilot on developer laptops with local
credentials, MCPs reaching into internal systems, and open egress. I'll speak to my own personal
agent stack as a textbook example, then trace the same shape across enterprise deployments I see at
Coder. The back half is four architectural moves that defuse it: governed compute, centralized
credentials, default-deny egress, identity-bound audit. Walk out with a mental model and a checklist
you can run against your own deployment the next morning.
Related YouTube Video
No related AI Engineer channel video found yet.
Transcript Status
No official session recording transcript was found by exact title match on the AI Engineer YouTube channel during this run.
People
Notes
- Pending transcript synthesis when an official recording or confirmed matching video is available.