How contractors work today
Unmanaged laptops, shared tokens, direct repo access, and AI tools that act before security sees them.
AI Contractor Safety Lab
A live workshop for engineering, platform, and security leads rolling out Cursor, Claude Code, or MCP-connected coding agents with external developers.
Agenda
Unmanaged laptops, shared tokens, direct repo access, and AI tools that act before security sees them.
Prompt injection in code comments and supply-chain package drift that traditional CI checks catch too late.
Browser isolation, device-bound identity, scoped GitHub credentials, MCP policy, and signed audit chains.
A contractor asks Claude for a risky action. The gateway denies it and links prompt, MCP call, repo, and policy.
Leave with a 30-day pilot checklist: one repo, one contractor group, one evidence export.
How AI coding agents bypass CI/CD and secrets scanners, where an MCP gateway fits, and how to produce a complete prompt-to-infra audit chain for security review.
One contractor group, one repo, one MCP policy set, one audit export. The goal is a blocked action and evidence pack in the first week.
Book the pilot call