AgentZero

A prototype demonstrating how to secure AI agents using Identity Propagation (On-Behalf-Of token exchange) and Least Privilege Tooling to mitigate cyberattacks.

Overview

This system protects AI agents from common attack vectors by:

  • Identity Propagation (OBO): the user's identity flows through the entire call chain; the agent never uses superuser privileges
  • Least Privilege Tooling: tools are dynamically filtered based on the user's actual permissions
  • Complete Audit Trail: every operation logs user → agent → mcp_server with the full identity chain
  • Role-Based Access Control: four distinct roles (Admin, Developer, Finance, Marketing) with different permission levels
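The following is an added illustration of the four mechanisms above, not code from the AgentZero repository. It assumes HMAC-signed JSON tokens standing in for the identity provider's tokens, a constructed signing key, and a made-up role-to-tool mapping; the agent exchanges the user's token for a scoped on-behalf-of token, the MCP server re-verifies it, and every call is logged with the full identity chain.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment would verify against the identity provider's keys.
SECRET = b"constructed-demo-signing-key"

# Assumed role-to-tool mapping for the four roles on the page (not AgentZero's own table).
ROLE_TOOLS = {
    "Admin": {"read_records", "write_records", "run_payroll", "send_campaign"},
    "Developer": {"read_records", "write_records"},
    "Finance": {"read_records", "run_payroll"},
    "Marketing": {"send_campaign"},
}

AUDIT = []  # every MCP call appends one entry carrying the user -> agent -> server chain

def mint(claims):
    """Sign a claims dict; token format is hex(body).hex(HMAC-SHA256)."""
    body = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + sig

def verify(token):
    """Check the signature with a constant-time compare and return the claims."""
    body_hex, sig = token.split(".")
    body = bytes.fromhex(body_hex)
    expected = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):
        raise PermissionError("token signature invalid")
    return json.loads(body)

def obo_exchange(user_token, agent_id):
    """OBO exchange: keep the user's sub and role, record the agent as actor, scope to the role's tools."""
    claims = verify(user_token)
    scope = sorted(ROLE_TOOLS[claims["role"]])
    return mint({"sub": claims["sub"], "role": claims["role"], "act": agent_id, "scope": scope})

def allowed_tools(agent_token):
    """Least-privilege tooling: the only tools the agent may expose for this user."""
    return set(verify(agent_token)["scope"])

def mcp_call(agent_token, tool):
    """MCP server side: re-verify the token, enforce scope, and log the identity chain."""
    claims = verify(agent_token)
    allowed = tool in claims["scope"]
    AUDIT.append({"user": claims["sub"], "agent": claims["act"],
                  "server": "mcp_server", "tool": tool, "allowed": allowed})
    if not allowed:
        raise PermissionError(f"{claims['sub']} ({claims['role']}) may not call {tool}")
    return f"{tool} executed for {claims['sub']}"
```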

Prerequisites:

  • Python 3.8+
  • API key for Claude (Anthropic) or Gemini (Google)

Demo:

View the repo on Git:

AgentZero

Rajkumar Vaghashiya
MSc in Computer Science

My research interests include applied AI, Computer Vision, and Quantum Computing.