[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"kb-article-runtime-defense-agents-deploying-defensive-ai-to-hunt-contain-and-roll-back-rogue-llms-across-cloud--en":3,"ArticleBody_iEbQmJwUglesQtC1KUsxbfOsXBXdr4zIkoxPeIeAMQ":107},{"article":4,"relatedArticles":75,"locale":65},{"id":5,"title":6,"slug":7,"content":8,"htmlContent":9,"excerpt":10,"category":11,"tags":12,"metaDescription":10,"wordCount":13,"readingTime":14,"publishedAt":15,"sources":16,"sourceCoverage":58,"transparency":59,"seo":64,"language":65,"featuredImage":66,"featuredImageCredit":67,"isFreeGeneration":71,"trendSlug":58,"niche":72,"geoTakeaways":58,"geoFaq":58,"entities":58},"698cf43483368a9e468b5035","Runtime Defense Agents: Deploying Defensive AI to Hunt, Contain, and Roll Back Rogue LLMs Across Cloud and OT","runtime-defense-agents-deploying-defensive-ai-to-hunt-contain-and-roll-back-rogue-llms-across-cloud-","As agentic LLMs gain direct control over cloud and OT, they become privileged insiders with machine-speed access to APIs, data, and control systems. Non-human identities (NHIs) will outnumber humans 80:1, turning every agent into a high-value account vulnerable to hijacking, cloning, and prompt injection [8].  \n\nWithout runtime defense agents that watch, score, and intervene, a single compromised workflow can pivot from tampered telemetry to plant downtime in minutes [12].\n\n---\n\n## 1. Threat Model: Why You Need Runtime Defense Agents for LLMs\n\nTreat LLM agents as a new insider class: autonomous, API-connected NHIs with persistent credentials and wide reach across cloud and OT networks [8]. Each agent extends your blast radius to whatever its tools can touch.\n\nKey risk context:  \n- Average breach cost: ~$4.88M [3]  \n- SOCs see ~4,484 alerts\u002Fday; ~67% unreviewed [3]  \n- Ideal cover for rogue LLM behavior unless AI-native defenses filter and act at machine speed.\n\nMAESTRO-based research shows how network-monitoring agents can be degraded via:  \n- Resource DoS and replayed traffic  \n- Delayed telemetry and increased compute load  \n- Poor adaptations and degraded decision loops [12]  \n\nThis mirrors industrial control loops where compromised logs or delayed signals drive unsafe actuator commands.\n\nModern AI kill chains treat content as code [6][10]:  \n- Indirect prompt injections in documents, repos, tickets  \n- Persistent memory poisoning to shift long-horizon behavior  \n- Agent-to-agent propagation via social\u002Fprotocol networks  \n\nOnce compromised, an agent can:  \n- Instruct peers and mutate workflows  \n- Poison shared tools, memories, and state  \n- Form a rogue agent mesh spanning cloud and OT.\n\nCrowdStrike-style telemetry shows runtime, malware-free tradecraft dominates:  \n- Breakout times as low as 51 seconds  \n- 79% of detections involve no traditional malware [11]  \n\nFor LLMs, the “payload” is semantic: instructions like “ignore previous policies” act like exploits while appearing benign to signature tools [11].\n\n**Key takeaway:** Signals for rogue LLMs must be behavioral, contextual, and protocol-aware—not signature-based.\n\n\u003Cdiv class=\"mermaid-diagram not-prose my-6\" role=\"img\" aria-label=\"Diagram\">\n\u003Csvg id=\"diagram-1775215096845\" width=\"100%\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F2000\u002Fsvg\" class=\"flowchart\" style=\"max-width: 1179.71875px;\" viewBox=\"0 0 1179.71875 95\" role=\"graphics-document document\" aria-roledescription=\"flowchart-v2\">\u003Cstyle>#diagram-1775215096845{font-family:system-ui,-apple-system,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#diagram-1775215096845 .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#diagram-1775215096845 .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#diagram-1775215096845 .error-icon{fill:#552222;}#diagram-1775215096845 .error-text{fill:#552222;stroke:#552222;}#diagram-1775215096845 .edge-thickness-normal{stroke-width:1px;}#diagram-1775215096845 .edge-thickness-thick{stroke-width:3.5px;}#diagram-1775215096845 .edge-pattern-solid{stroke-dasharray:0;}#diagram-1775215096845 .edge-thickness-invisible{stroke-width:0;fill:none;}#diagram-1775215096845 .edge-pattern-dashed{stroke-dasharray:3;}#diagram-1775215096845 .edge-pattern-dotted{stroke-dasharray:2;}#diagram-1775215096845 .marker{fill:#333333;stroke:#333333;}#diagram-1775215096845 .marker.cross{stroke:#333333;}#diagram-1775215096845 svg{font-family:system-ui,-apple-system,sans-serif;font-size:16px;}#diagram-1775215096845 p{margin:0;}#diagram-1775215096845 .label{font-family:system-ui,-apple-system,sans-serif;color:#333;}#diagram-1775215096845 .cluster-label text{fill:#333;}#diagram-1775215096845 .cluster-label span{color:#333;}#diagram-1775215096845 .cluster-label span p{background-color:transparent;}#diagram-1775215096845 .label text,#diagram-1775215096845 span{fill:#333;color:#333;}#diagram-1775215096845 .node rect,#diagram-1775215096845 .node circle,#diagram-1775215096845 .node ellipse,#diagram-1775215096845 .node polygon,#diagram-1775215096845 .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#diagram-1775215096845 .rough-node .label text,#diagram-1775215096845 .node .label text,#diagram-1775215096845 .image-shape .label,#diagram-1775215096845 .icon-shape .label{text-anchor:middle;}#diagram-1775215096845 .node .katex path{fill:#000;stroke:#000;stroke-width:1px;}#diagram-1775215096845 .rough-node .label,#diagram-1775215096845 .node .label,#diagram-1775215096845 .image-shape .label,#diagram-1775215096845 .icon-shape .label{text-align:center;}#diagram-1775215096845 .node.clickable{cursor:pointer;}#diagram-1775215096845 .root .anchor path{fill:#333333!important;stroke-width:0;stroke:#333333;}#diagram-1775215096845 .arrowheadPath{fill:#333333;}#diagram-1775215096845 .edgePath .path{stroke:#333333;stroke-width:1px;}#diagram-1775215096845 .flowchart-link{stroke:#333333;fill:none;}#diagram-1775215096845 .edgeLabel{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215096845 .edgeLabel p{background-color:rgba(232,232,232, 0.8);}#diagram-1775215096845 .edgeLabel rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215096845 .labelBkg{background-color:rgba(232, 232, 232, 0.5);}#diagram-1775215096845 .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#diagram-1775215096845 .cluster text{fill:#333;}#diagram-1775215096845 .cluster span{color:#333;}#diagram-1775215096845 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#diagram-1775215096845 .flowchartTitleText{text-anchor:middle;font-size:18px;fill:#333;}#diagram-1775215096845 rect.text{fill:none;stroke-width:0;}#diagram-1775215096845 .icon-shape,#diagram-1775215096845 .image-shape{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215096845 .icon-shape p,#diagram-1775215096845 .image-shape p{background-color:rgba(232,232,232, 0.8);padding:2px;}#diagram-1775215096845 .icon-shape .label rect,#diagram-1775215096845 .image-shape .label rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215096845 .label-icon{display:inline-block;height:1em;overflow:visible;vertical-align:-0.125em;}#diagram-1775215096845 .node .label-icon path{fill:currentColor;stroke:revert;stroke-width:revert;}#diagram-1775215096845 .node .neo-node{stroke:#9370DB;}#diagram-1775215096845 [data-look=\"neo\"].node rect,#diagram-1775215096845 [data-look=\"neo\"].cluster rect,#diagram-1775215096845 [data-look=\"neo\"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].node path{stroke:#9370DB;stroke-width:1px;}#diagram-1775215096845 [data-look=\"neo\"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].node .neo-line path{stroke:#9370DB;filter:none;}#diagram-1775215096845 [data-look=\"neo\"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].node circle .state-start{fill:#000000;}#diagram-1775215096845 [data-look=\"neo\"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 :root{--mermaid-font-family:system-ui,-apple-system,sans-serif;}\u003C\u002Fstyle>\u003Cg>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 10 5 L 0 10 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"4.5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 5 L 10 10 L 10 0 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"11.5\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"10.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 11.5 7 L 0 14 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"1\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpolygon points=\"0,7 11.5,14 11.5,0\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpolygon>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"11\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-1\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refY=\"5\" refX=\"12.25\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-2\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossEnd\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"12\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossStart\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"-1\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossEnd-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"17.7\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossStart-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"-3.5\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cg class=\"root\">\u003Cg class=\"clusters\">\u003C\u002Fg>\u003Cg class=\"edgePaths\">\u003Cpath d=\"M186.438,35L190.604,35C194.771,35,203.104,35,210.771,35C218.438,35,225.438,35,228.938,35L232.438,35\" id=\"diagram-1775215096845-L_A_B_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_A_B_0\" data-points=\"W3sieCI6MTg2LjQzNzUsInkiOjM1fSx7IngiOjIxMS40Mzc1LCJ5IjozNX0seyJ4IjoyMzYuNDM3NSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M444.125,35L448.292,35C452.458,35,460.792,35,468.458,35C476.125,35,483.125,35,486.625,35L490.125,35\" id=\"diagram-1775215096845-L_B_C_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_C_0\" data-points=\"W3sieCI6NDQ0LjEyNSwieSI6MzV9LHsieCI6NDY5LjEyNSwieSI6MzV9LHsieCI6NDk0LjEyNSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M695.813,35L699.979,35C704.146,35,712.479,35,720.146,35C727.813,35,734.813,35,738.313,35L741.813,35\" id=\"diagram-1775215096845-L_C_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_D_0\" data-points=\"W3sieCI6Njk1LjgxMjUsInkiOjM1fSx7IngiOjcyMC44MTI1LCJ5IjozNX0seyJ4Ijo3NDUuODEyNSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M919.172,35L923.339,35C927.505,35,935.839,35,943.505,35C951.172,35,958.172,35,961.672,35L965.172,35\" id=\"diagram-1775215096845-L_D_E_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_D_E_0\" data-points=\"W3sieCI6OTE5LjE3MTg3NSwieSI6MzV9LHsieCI6OTQ0LjE3MTg3NSwieSI6MzV9LHsieCI6OTY5LjE3MTg3NSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003C\u002Fg>\u003Cg class=\"edgeLabels\">\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_A_B_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_C_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_D_E_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"nodes\">\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-A-0\" data-look=\"classic\" transform=\"translate(97.21875, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#f59e0b !important\" x=\"-89.21875\" y=\"-27\" width=\"178.4375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#000 !important\" transform=\"translate(-59.21875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"118.4375\" height=\"24\">\u003Cdiv style=\"color: rgb(0, 0, 0) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#000 !important\" class=\"nodeLabel \">\u003Cp>Indirect Prompt\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-B-1\" data-look=\"classic\" transform=\"translate(340.28125, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-103.84375\" y=\"-27\" width=\"207.6875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-73.84375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"147.6875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Model Compromise\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-C-3\" data-look=\"classic\" transform=\"translate(594.96875, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-100.84375\" y=\"-27\" width=\"201.6875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-70.84375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"141.6875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Memory Poisoning\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-D-5\" data-look=\"classic\" transform=\"translate(832.4921875, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-86.6796875\" y=\"-27\" width=\"173.359375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-56.6796875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"113.359375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Tool\u002FAPI Abuse\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-E-7\" data-look=\"classic\" transform=\"translate(1070.4453125, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#ef4444 !important\" x=\"-101.2734375\" y=\"-27\" width=\"202.546875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-71.2734375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"142.546875\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Rogue Agent Mesh\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cdefs>\u003Cfilter id=\"diagram-1775215096845-drop-shadow\" height=\"130%\" width=\"130%\">\u003CfeDropShadow dx=\"4\" dy=\"4\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Cdefs>\u003Cfilter id=\"diagram-1775215096845-drop-shadow-small\" height=\"150%\" width=\"150%\">\u003CfeDropShadow dx=\"2\" dy=\"2\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Ctext x=\"1174.71875\" y=\"90\" text-anchor=\"end\" fill=\"#6b7280\" stroke=\"#ffffff\" stroke-width=\"3\" paint-order=\"stroke\" font-size=\"11\" font-family=\"system-ui, sans-serif\" opacity=\"0.7\">coreprose.com\u003C\u002Ftext>\u003C\u002Fsvg>\n\u003C\u002Fdiv>\n\n---\n\n## 2. Reference Architecture: Defensive AI Control Plane for Cloud and OT\n\nDeploy a layered sandbox and execution-risk control plane for every agentic workflow.\n\nConstrain agents with:  \n- Sandboxed tools and reduced entitlements  \n- Network egress controls and scoped credentials  \n- Strict limits on filesystem writes, especially configs, to block persistence and RCE paths [1].\n\nFor high-risk actions (schema migrations, OT setpoint changes):  \n- Replace “run with user rights” with explicit policies  \n- Require approvals and just-in-time elevation  \n- Prevent LLMs from inheriting full human privileges.\n\nBuild a dedicated AI runtime telemetry pipeline, mirroring secure Azure OpenAI patterns [4]:  \n- Centralize prompts, system messages, tool calls, outputs, safety events  \n- Maintain a unified, time-ordered stream  \n- Integrate with SIEM and cloud-native AI threat protection  \n- Correlate semantic anomalies with network, endpoint, and OT data.\n\nHarden the agent layer with prompt-injection-resistant patterns [5]:  \n- Strict system prompts and role definitions  \n- Planner–executor separation  \n- Controlled context routing and whitelisted tools.\n\nDesign defense agents as autonomous security co-pilots in the SOC:  \n- Continuously triage AI telemetry  \n- Reduce alert volume and automate investigations  \n- Align with demonstrated agentic AI for next-gen security operations [3][2].\n\nApply MAESTRO-style multilayer defense-in-depth [5][12]:  \n- **Inference:** enforce system instructions, content safety gates  \n- **Memory:** isolate, snapshot, and integrity-check memories [12]  \n- **Planning:** validate plans; simulate risky steps before execution [12]  \n- **Anomaly detection:** route suspicious workflows into quarantine sandboxes isolated from production OT and cloud [1][12]  \n\n**Key design principle:** Treat defense agents as first-class security components, not ad hoc scripts.\n\n\u003Cdiv class=\"mermaid-diagram not-prose my-6\" role=\"img\" aria-label=\"Diagram\">\n\u003Csvg id=\"diagram-1775215097483\" width=\"100%\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F2000\u002Fsvg\" class=\"flowchart\" style=\"max-width: 423.921875px;\" viewBox=\"0 0 423.921875 615\" role=\"graphics-document document\" aria-roledescription=\"flowchart-v2\">\u003Cstyle>#diagram-1775215097483{font-family:system-ui,-apple-system,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#diagram-1775215097483 .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#diagram-1775215097483 .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#diagram-1775215097483 .error-icon{fill:#552222;}#diagram-1775215097483 .error-text{fill:#552222;stroke:#552222;}#diagram-1775215097483 .edge-thickness-normal{stroke-width:1px;}#diagram-1775215097483 .edge-thickness-thick{stroke-width:3.5px;}#diagram-1775215097483 .edge-pattern-solid{stroke-dasharray:0;}#diagram-1775215097483 .edge-thickness-invisible{stroke-width:0;fill:none;}#diagram-1775215097483 .edge-pattern-dashed{stroke-dasharray:3;}#diagram-1775215097483 .edge-pattern-dotted{stroke-dasharray:2;}#diagram-1775215097483 .marker{fill:#333333;stroke:#333333;}#diagram-1775215097483 .marker.cross{stroke:#333333;}#diagram-1775215097483 svg{font-family:system-ui,-apple-system,sans-serif;font-size:16px;}#diagram-1775215097483 p{margin:0;}#diagram-1775215097483 .label{font-family:system-ui,-apple-system,sans-serif;color:#333;}#diagram-1775215097483 .cluster-label text{fill:#333;}#diagram-1775215097483 .cluster-label span{color:#333;}#diagram-1775215097483 .cluster-label span p{background-color:transparent;}#diagram-1775215097483 .label text,#diagram-1775215097483 span{fill:#333;color:#333;}#diagram-1775215097483 .node rect,#diagram-1775215097483 .node circle,#diagram-1775215097483 .node ellipse,#diagram-1775215097483 .node polygon,#diagram-1775215097483 .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#diagram-1775215097483 .rough-node .label text,#diagram-1775215097483 .node .label text,#diagram-1775215097483 .image-shape .label,#diagram-1775215097483 .icon-shape .label{text-anchor:middle;}#diagram-1775215097483 .node .katex path{fill:#000;stroke:#000;stroke-width:1px;}#diagram-1775215097483 .rough-node .label,#diagram-1775215097483 .node .label,#diagram-1775215097483 .image-shape .label,#diagram-1775215097483 .icon-shape .label{text-align:center;}#diagram-1775215097483 .node.clickable{cursor:pointer;}#diagram-1775215097483 .root .anchor path{fill:#333333!important;stroke-width:0;stroke:#333333;}#diagram-1775215097483 .arrowheadPath{fill:#333333;}#diagram-1775215097483 .edgePath .path{stroke:#333333;stroke-width:1px;}#diagram-1775215097483 .flowchart-link{stroke:#333333;fill:none;}#diagram-1775215097483 .edgeLabel{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215097483 .edgeLabel p{background-color:rgba(232,232,232, 0.8);}#diagram-1775215097483 .edgeLabel rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215097483 .labelBkg{background-color:rgba(232, 232, 232, 0.5);}#diagram-1775215097483 .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#diagram-1775215097483 .cluster text{fill:#333;}#diagram-1775215097483 .cluster span{color:#333;}#diagram-1775215097483 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#diagram-1775215097483 .flowchartTitleText{text-anchor:middle;font-size:18px;fill:#333;}#diagram-1775215097483 rect.text{fill:none;stroke-width:0;}#diagram-1775215097483 .icon-shape,#diagram-1775215097483 .image-shape{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215097483 .icon-shape p,#diagram-1775215097483 .image-shape p{background-color:rgba(232,232,232, 0.8);padding:2px;}#diagram-1775215097483 .icon-shape .label rect,#diagram-1775215097483 .image-shape .label rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215097483 .label-icon{display:inline-block;height:1em;overflow:visible;vertical-align:-0.125em;}#diagram-1775215097483 .node .label-icon path{fill:currentColor;stroke:revert;stroke-width:revert;}#diagram-1775215097483 .node .neo-node{stroke:#9370DB;}#diagram-1775215097483 [data-look=\"neo\"].node rect,#diagram-1775215097483 [data-look=\"neo\"].cluster rect,#diagram-1775215097483 [data-look=\"neo\"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].node path{stroke:#9370DB;stroke-width:1px;}#diagram-1775215097483 [data-look=\"neo\"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].node .neo-line path{stroke:#9370DB;filter:none;}#diagram-1775215097483 [data-look=\"neo\"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].node circle .state-start{fill:#000000;}#diagram-1775215097483 [data-look=\"neo\"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 :root{--mermaid-font-family:system-ui,-apple-system,sans-serif;}\u003C\u002Fstyle>\u003Cg>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 10 5 L 0 10 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"4.5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 5 L 10 10 L 10 0 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"11.5\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"10.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 11.5 7 L 0 14 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"1\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpolygon points=\"0,7 11.5,14 11.5,0\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpolygon>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"11\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-1\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refY=\"5\" refX=\"12.25\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-2\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossEnd\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"12\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossStart\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"-1\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossEnd-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"17.7\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossStart-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"-3.5\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cg class=\"root\">\u003Cg class=\"clusters\">\u003C\u002Fg>\u003Cg class=\"edgePaths\">\u003Cpath d=\"M194.121,62L194.121,66.167C194.121,70.333,194.121,78.667,194.121,86.333C194.121,94,194.121,101,194.121,104.5L194.121,108\" id=\"diagram-1775215097483-L_A_B_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_A_B_0\" data-points=\"W3sieCI6MTk0LjEyMTA5Mzc1LCJ5Ijo2Mn0seyJ4IjoxOTQuMTIxMDkzNzUsInkiOjg3fSx7IngiOjE5NC4xMjEwOTM3NSwieSI6MTEyfV0=\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M234.337,166L240.543,170.167C246.749,174.333,259.162,182.667,265.368,190.333C271.574,198,271.574,205,271.574,208.5L271.574,212\" id=\"diagram-1775215097483-L_B_C_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_C_0\" data-points=\"W3sieCI6MjM0LjMzNzEzOTQyMzA3NjksInkiOjE2Nn0seyJ4IjoyNzEuNTc0MjE4NzUsInkiOjE5MX0seyJ4IjoyNzEuNTc0MjE4NzUsInkiOjIxNn1d\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M153.905,166L147.699,170.167C141.493,174.333,129.08,182.667,122.874,195.5C116.668,208.333,116.668,225.667,116.668,243C116.668,260.333,116.668,277.667,122.321,290.128C127.973,302.59,139.279,310.18,144.931,313.975L150.584,317.77\" id=\"diagram-1775215097483-L_B_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_D_0\" data-points=\"W3sieCI6MTUzLjkwNTA0ODA3NjkyMzEsInkiOjE2Nn0seyJ4IjoxMTYuNjY3OTY4NzUsInkiOjE5MX0seyJ4IjoxMTYuNjY3OTY4NzUsInkiOjI0M30seyJ4IjoxMTYuNjY3OTY4NzUsInkiOjI5NX0seyJ4IjoxNTMuOTA1MDQ4MDc2OTIzMSwieSI6MzIwfV0=\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M271.574,270L271.574,274.167C271.574,278.333,271.574,286.667,265.922,294.628C260.269,302.59,248.963,310.18,243.311,313.975L237.658,317.77\" id=\"diagram-1775215097483-L_C_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_D_0\" data-points=\"W3sieCI6MjcxLjU3NDIxODc1LCJ5IjoyNzB9LHsieCI6MjcxLjU3NDIxODc1LCJ5IjoyOTV9LHsieCI6MjM0LjMzNzEzOTQyMzA3NjksInkiOjMyMH1d\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M194.121,374L194.121,378.167C194.121,382.333,194.121,390.667,194.121,398.333C194.121,406,194.121,413,194.121,416.5L194.121,420\" id=\"diagram-1775215097483-L_D_E_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_D_E_0\" data-points=\"W3sieCI6MTk0LjEyMTA5Mzc1LCJ5IjozNzR9LHsieCI6MTk0LjEyMTA5Mzc1LCJ5IjozOTl9LHsieCI6MTk0LjEyMTA5Mzc1LCJ5Ijo0MjR9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M134.679,478L125.506,482.167C116.333,486.333,97.987,494.667,88.814,502.333C79.641,510,79.641,517,79.641,520.5L79.641,524\" id=\"diagram-1775215097483-L_E_F_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_E_F_0\" data-points=\"W3sieCI6MTM0LjY3OTMxMTg5OTAzODQ1LCJ5Ijo0Nzh9LHsieCI6NzkuNjQwNjI1LCJ5Ijo1MDN9LHsieCI6NzkuNjQwNjI1LCJ5Ijo1Mjh9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M253.563,478L262.736,482.167C271.909,486.333,290.255,494.667,299.428,502.333C308.602,510,308.602,517,308.602,520.5L308.602,524\" id=\"diagram-1775215097483-L_E_G_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_E_G_0\" data-points=\"W3sieCI6MjUzLjU2Mjg3NTYwMDk2MTU1LCJ5Ijo0Nzh9LHsieCI6MzA4LjYwMTU2MjUsInkiOjUwM30seyJ4IjozMDguNjAxNTYyNSwieSI6NTI4fV0=\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003C\u002Fg>\u003Cg class=\"edgeLabels\">\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_A_B_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_C_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_D_E_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_E_F_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_E_G_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"nodes\">\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-A-0\" data-look=\"classic\" transform=\"translate(194.12109375, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-88.03125\" y=\"-27\" width=\"176.0625\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-58.03125, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"116.0625\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>User \u002F OT Event\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-B-1\" data-look=\"classic\" transform=\"translate(194.12109375, 139)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-109.171875\" y=\"-27\" width=\"218.34375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-79.171875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"158.34375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Business LLM Agents\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-C-2\" data-look=\"classic\" transform=\"translate(271.57421875, 243)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-119.90625\" y=\"-27\" width=\"239.8125\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-89.90625, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"179.8125\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Sandboxed Tools & APIs\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-D-3\" data-look=\"classic\" transform=\"translate(194.12109375, 347)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-109.1484375\" y=\"-27\" width=\"218.296875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-79.1484375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"158.296875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>AI Telemetry Pipeline\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-E-4\" data-look=\"classic\" transform=\"translate(194.12109375, 451)\">\u003Crect class=\"basic label-container\" style=\"fill:#22c55e !important\" x=\"-123.0859375\" y=\"-27\" width=\"246.171875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-93.0859375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"186.171875\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Runtime Defense Agents\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-F-5\" data-look=\"classic\" transform=\"translate(79.640625, 555)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-71.640625\" y=\"-27\" width=\"143.28125\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-41.640625, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"83.28125\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>SIEM \u002F SOC\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-G-6\" data-look=\"classic\" transform=\"translate(308.6015625, 555)\">\u003Crect class=\"basic label-container\" style=\"fill:#f59e0b !important\" x=\"-107.3203125\" y=\"-27\" width=\"214.640625\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#000 !important\" transform=\"translate(-77.3203125, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"154.640625\" height=\"24\">\u003Cdiv style=\"color: rgb(0, 0, 0) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#000 !important\" class=\"nodeLabel \">\u003Cp>Quarantine Sandbox\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cdefs>\u003Cfilter id=\"diagram-1775215097483-drop-shadow\" height=\"130%\" width=\"130%\">\u003CfeDropShadow dx=\"4\" dy=\"4\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Cdefs>\u003Cfilter id=\"diagram-1775215097483-drop-shadow-small\" height=\"150%\" width=\"150%\">\u003CfeDropShadow dx=\"2\" dy=\"2\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Ctext x=\"418.921875\" y=\"610\" text-anchor=\"end\" fill=\"#6b7280\" stroke=\"#ffffff\" stroke-width=\"3\" paint-order=\"stroke\" font-size=\"11\" font-family=\"system-ui, sans-serif\" opacity=\"0.7\">coreprose.com\u003C\u002Ftext>\u003C\u002Fsvg>\n\u003C\u002Fdiv>\n\n---\n\n## 3. Operational Playbook: Detect, Contain, and Roll Back Rogue Agents\n\nTreat prompt injection and jailbreaking as observable runtime events.\n\nBuild a detection stack that flags [7][9]:  \n- Role overrides and “ignore previous instructions” patterns  \n- Sudden escalation in tools, permissions, or OT impact  \n- Context hijacking where untrusted content injects policies.\n\nEncode the full agent kill chain into rules [10][6]:  \n- Input manipulation → model compromise → system attacks → protocol exploits  \n- Patterns like Prompt-to-SQL injection and Toxic Agent Flow across plugins and MCP servers.\n\nEffective detection combines [7][12]:  \n- Semantic patterns in prompts\u002Fresponses  \n- Deviations from normal tool sequences and timing  \n- Cross-signal anomalies from network, endpoint, and OT telemetry.\n\nContainment must be dynamic; defense agents should [1][7][9]:  \n- Downgrade an agent’s privileges in real time  \n- Revoke individual tools or network scopes  \n- Push compromised agents into high-friction approval modes requiring human sign-off.\n\nFor rollback, treat telemetry as the recovery oracle [12][2]:  \n- Detect memory poisoning or faulty adaptations  \n- Restore clean memory snapshots  \n- Revert configuration changes and OT plans to trusted baselines.\n\nIncident response must assume AI-specific, malware-free runtime attacks [11][7][8][9]:  \n- Enforce rapid patch and model-update cycles (sub-72-hour windows)  \n- Continuously red-team with curated prompt-injection and jailbreak suites  \n- Use results to tune policies, sandboxes, and detection thresholds.\n\n\u003Cdiv class=\"mermaid-diagram not-prose my-6\" role=\"img\" aria-label=\"Diagram\">\n\u003Csvg id=\"diagram-1775215098174\" width=\"100%\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F2000\u002Fsvg\" class=\"flowchart\" style=\"max-width: 1181.9375px;\" viewBox=\"0 0 1181.9375 199\" role=\"graphics-document document\" aria-roledescription=\"flowchart-v2\">\u003Cstyle>#diagram-1775215098174{font-family:system-ui,-apple-system,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#diagram-1775215098174 .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#diagram-1775215098174 .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#diagram-1775215098174 .error-icon{fill:#552222;}#diagram-1775215098174 .error-text{fill:#552222;stroke:#552222;}#diagram-1775215098174 .edge-thickness-normal{stroke-width:1px;}#diagram-1775215098174 .edge-thickness-thick{stroke-width:3.5px;}#diagram-1775215098174 .edge-pattern-solid{stroke-dasharray:0;}#diagram-1775215098174 .edge-thickness-invisible{stroke-width:0;fill:none;}#diagram-1775215098174 .edge-pattern-dashed{stroke-dasharray:3;}#diagram-1775215098174 .edge-pattern-dotted{stroke-dasharray:2;}#diagram-1775215098174 .marker{fill:#333333;stroke:#333333;}#diagram-1775215098174 .marker.cross{stroke:#333333;}#diagram-1775215098174 svg{font-family:system-ui,-apple-system,sans-serif;font-size:16px;}#diagram-1775215098174 p{margin:0;}#diagram-1775215098174 .label{font-family:system-ui,-apple-system,sans-serif;color:#333;}#diagram-1775215098174 .cluster-label text{fill:#333;}#diagram-1775215098174 .cluster-label span{color:#333;}#diagram-1775215098174 .cluster-label span p{background-color:transparent;}#diagram-1775215098174 .label text,#diagram-1775215098174 span{fill:#333;color:#333;}#diagram-1775215098174 .node rect,#diagram-1775215098174 .node circle,#diagram-1775215098174 .node ellipse,#diagram-1775215098174 .node polygon,#diagram-1775215098174 .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#diagram-1775215098174 .rough-node .label text,#diagram-1775215098174 .node .label text,#diagram-1775215098174 .image-shape .label,#diagram-1775215098174 .icon-shape .label{text-anchor:middle;}#diagram-1775215098174 .node .katex path{fill:#000;stroke:#000;stroke-width:1px;}#diagram-1775215098174 .rough-node .label,#diagram-1775215098174 .node .label,#diagram-1775215098174 .image-shape .label,#diagram-1775215098174 .icon-shape .label{text-align:center;}#diagram-1775215098174 .node.clickable{cursor:pointer;}#diagram-1775215098174 .root .anchor path{fill:#333333!important;stroke-width:0;stroke:#333333;}#diagram-1775215098174 .arrowheadPath{fill:#333333;}#diagram-1775215098174 .edgePath .path{stroke:#333333;stroke-width:1px;}#diagram-1775215098174 .flowchart-link{stroke:#333333;fill:none;}#diagram-1775215098174 .edgeLabel{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215098174 .edgeLabel p{background-color:rgba(232,232,232, 0.8);}#diagram-1775215098174 .edgeLabel rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215098174 .labelBkg{background-color:rgba(232, 232, 232, 0.5);}#diagram-1775215098174 .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#diagram-1775215098174 .cluster text{fill:#333;}#diagram-1775215098174 .cluster span{color:#333;}#diagram-1775215098174 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#diagram-1775215098174 .flowchartTitleText{text-anchor:middle;font-size:18px;fill:#333;}#diagram-1775215098174 rect.text{fill:none;stroke-width:0;}#diagram-1775215098174 .icon-shape,#diagram-1775215098174 .image-shape{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215098174 .icon-shape p,#diagram-1775215098174 .image-shape p{background-color:rgba(232,232,232, 0.8);padding:2px;}#diagram-1775215098174 .icon-shape .label rect,#diagram-1775215098174 .image-shape .label rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215098174 .label-icon{display:inline-block;height:1em;overflow:visible;vertical-align:-0.125em;}#diagram-1775215098174 .node .label-icon path{fill:currentColor;stroke:revert;stroke-width:revert;}#diagram-1775215098174 .node .neo-node{stroke:#9370DB;}#diagram-1775215098174 [data-look=\"neo\"].node rect,#diagram-1775215098174 [data-look=\"neo\"].cluster rect,#diagram-1775215098174 [data-look=\"neo\"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].node path{stroke:#9370DB;stroke-width:1px;}#diagram-1775215098174 [data-look=\"neo\"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].node .neo-line path{stroke:#9370DB;filter:none;}#diagram-1775215098174 [data-look=\"neo\"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].node circle .state-start{fill:#000000;}#diagram-1775215098174 [data-look=\"neo\"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 :root{--mermaid-font-family:system-ui,-apple-system,sans-serif;}\u003C\u002Fstyle>\u003Cg>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 10 5 L 0 10 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"4.5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 5 L 10 10 L 10 0 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"11.5\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"10.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 11.5 7 L 0 14 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"1\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpolygon points=\"0,7 11.5,14 11.5,0\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpolygon>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"11\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-1\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refY=\"5\" refX=\"12.25\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-2\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossEnd\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"12\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossStart\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"-1\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossEnd-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"17.7\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossStart-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"-3.5\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cg class=\"root\">\u003Cg class=\"clusters\">\u003C\u002Fg>\u003Cg class=\"edgePaths\">\u003Cpath d=\"M177.922,87L182.089,87C186.255,87,194.589,87,202.255,87C209.922,87,216.922,87,220.422,87L223.922,87\" id=\"diagram-1775215098174-L_A_B_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_A_B_0\" data-points=\"W3sieCI6MTc3LjkyMTg3NSwieSI6ODd9LHsieCI6MjAyLjkyMTg3NSwieSI6ODd9LHsieCI6MjI3LjkyMTg3NSwieSI6ODd9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M430.766,87L434.932,87C439.099,87,447.432,87,455.099,87C462.766,87,469.766,87,473.266,87L476.766,87\" id=\"diagram-1775215098174-L_B_C_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_C_0\" data-points=\"W3sieCI6NDMwLjc2NTYyNSwieSI6ODd9LHsieCI6NDU1Ljc2NTYyNSwieSI6ODd9LHsieCI6NDgwLjc2NTYyNSwieSI6ODd9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M623.439,60L632.282,55.833C641.126,51.667,658.813,43.333,671.156,39.167C683.5,35,690.5,35,694,35L697.5,35\" id=\"diagram-1775215098174-L_C_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_D_0\" data-points=\"W3sieCI6NjIzLjQzODg1MjE2MzQ2MTUsInkiOjYwfSx7IngiOjY3Ni41LCJ5IjozNX0seyJ4Ijo3MDEuNSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M918.797,35L922.964,35C927.13,35,935.464,35,943.13,35C950.797,35,957.797,35,961.297,35L964.797,35\" id=\"diagram-1775215098174-L_D_E_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_D_E_0\" data-points=\"W3sieCI6OTE4Ljc5Njg3NSwieSI6MzV9LHsieCI6OTQzLjc5Njg3NSwieSI6MzV9LHsieCI6OTY4Ljc5Njg3NSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M623.439,114L632.282,118.167C641.126,122.333,658.813,130.667,676.733,134.833C694.654,139,712.807,139,721.884,139L730.961,139\" id=\"diagram-1775215098174-L_C_F_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_F_0\" data-points=\"W3sieCI6NjIzLjQzODg1MjE2MzQ2MTUsInkiOjExNH0seyJ4Ijo2NzYuNSwieSI6MTM5fSx7IngiOjczNC45NjA5Mzc1LCJ5IjoxMzl9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003C\u002Fg>\u003Cg class=\"edgeLabels\">\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_A_B_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_C_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_D_E_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_F_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"nodes\">\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-A-0\" data-look=\"classic\" transform=\"translate(92.9609375, 87)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-84.9609375\" y=\"-27\" width=\"169.921875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-54.9609375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"109.921875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>LLM Telemetry\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-B-1\" data-look=\"classic\" transform=\"translate(329.34375, 87)\">\u003Crect class=\"basic label-container\" style=\"fill:#f59e0b !important\" x=\"-101.421875\" y=\"-27\" width=\"202.84375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#000 !important\" transform=\"translate(-71.421875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"142.84375\" height=\"24\">\u003Cdiv style=\"color: rgb(0, 0, 0) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#000 !important\" class=\"nodeLabel \">\u003Cp>Anomaly Detection\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-C-2\" data-look=\"classic\" transform=\"translate(566.1328125, 87)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-85.3671875\" y=\"-27\" width=\"170.734375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-55.3671875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"110.734375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Defense Agent\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-D-3\" data-look=\"classic\" transform=\"translate(810.1484375, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#ef4444 !important\" x=\"-108.6484375\" y=\"-27\" width=\"217.296875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-78.6484375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"157.296875\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Containment Actions\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-E-4\" data-look=\"classic\" transform=\"translate(1071.3671875, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#22c55e !important\" x=\"-102.5703125\" y=\"-27\" width=\"205.140625\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-72.5703125, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"145.140625\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Rollback \u002F Recovery\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-F-5\" data-look=\"classic\" transform=\"translate(810.1484375, 139)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-75.1875\" y=\"-27\" width=\"150.375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-45.1875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"90.375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>SOC Analyst\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cdefs>\u003Cfilter id=\"diagram-1775215098174-drop-shadow\" height=\"130%\" width=\"130%\">\u003CfeDropShadow dx=\"4\" dy=\"4\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Cdefs>\u003Cfilter id=\"diagram-1775215098174-drop-shadow-small\" height=\"150%\" width=\"150%\">\u003CfeDropShadow dx=\"2\" dy=\"2\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Ctext x=\"1176.9375\" y=\"194\" text-anchor=\"end\" fill=\"#6b7280\" stroke=\"#ffffff\" stroke-width=\"3\" paint-order=\"stroke\" font-size=\"11\" font-family=\"system-ui, sans-serif\" opacity=\"0.7\">coreprose.com\u003C\u002Ftext>\u003C\u002Fsvg>\n\u003C\u002Fdiv>\n\n**Key takeaway:** Defense agents operationalize “detect, contain, recover” for AI, turning prompt-injection risk into concrete, automatable runbooks.\n\n---\n\n## Conclusion: Turning AI into a Security Control Plane\n\nRuntime defense agents transform AI from a fragile attack surface into an active security control plane. By sandboxing tools, centralizing telemetry, and deploying autonomous defense agents, organizations can continuously observe, score, and intervene on LLM behavior across cloud and OT—before attackers do.","\u003Cp>As agentic LLMs gain direct control over cloud and OT, they become privileged insiders with machine-speed access to APIs, data, and control systems. Non-human identities (NHIs) will outnumber humans 80:1, turning every agent into a high-value account vulnerable to hijacking, cloning, and prompt injection \u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Without runtime defense agents that watch, score, and intervene, a single compromised workflow can pivot from tampered telemetry to plant downtime in minutes \u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>.\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>1. Threat Model: Why You Need Runtime Defense Agents for LLMs\u003C\u002Fh2>\n\u003Cp>Treat LLM agents as a new insider class: autonomous, API-connected NHIs with persistent credentials and wide reach across cloud and OT networks \u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>. Each agent extends your blast radius to whatever its tools can touch.\u003C\u002Fp>\n\u003Cp>Key risk context:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Average breach cost: ~$4.88M \u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>SOCs see ~4,484 alerts\u002Fday; ~67% unreviewed \u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Ideal cover for rogue LLM behavior unless AI-native defenses filter and act at machine speed.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>MAESTRO-based research shows how network-monitoring agents can be degraded via:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Resource DoS and replayed traffic\u003C\u002Fli>\n\u003Cli>Delayed telemetry and increased compute load\u003C\u002Fli>\n\u003Cli>Poor adaptations and degraded decision loops \u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This mirrors industrial control loops where compromised logs or delayed signals drive unsafe actuator commands.\u003C\u002Fp>\n\u003Cp>Modern AI kill chains treat content as code \u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>\u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Indirect prompt injections in documents, repos, tickets\u003C\u002Fli>\n\u003Cli>Persistent memory poisoning to shift long-horizon behavior\u003C\u002Fli>\n\u003Cli>Agent-to-agent propagation via social\u002Fprotocol networks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Once compromised, an agent can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Instruct peers and mutate workflows\u003C\u002Fli>\n\u003Cli>Poison shared tools, memories, and state\u003C\u002Fli>\n\u003Cli>Form a rogue agent mesh spanning cloud and OT.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>CrowdStrike-style telemetry shows runtime, malware-free tradecraft dominates:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Breakout times as low as 51 seconds\u003C\u002Fli>\n\u003Cli>79% of detections involve no traditional malware \u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For LLMs, the “payload” is semantic: instructions like “ignore previous policies” act like exploits while appearing benign to signature tools \u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key takeaway:\u003C\u002Fstrong> Signals for rogue LLMs must be behavioral, contextual, and protocol-aware—not signature-based.\u003C\u002Fp>\n\u003Cdiv class=\"mermaid-diagram not-prose my-6\" role=\"img\" aria-label=\"Diagram\">\n\u003Csvg id=\"diagram-1775215096845\" width=\"100%\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F2000\u002Fsvg\" class=\"flowchart\" style=\"max-width: 1179.71875px;\" viewBox=\"0 0 1179.71875 95\" role=\"graphics-document document\" aria-roledescription=\"flowchart-v2\">\u003Cstyle>#diagram-1775215096845{font-family:system-ui,-apple-system,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#diagram-1775215096845 .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#diagram-1775215096845 .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#diagram-1775215096845 .error-icon{fill:#552222;}#diagram-1775215096845 .error-text{fill:#552222;stroke:#552222;}#diagram-1775215096845 .edge-thickness-normal{stroke-width:1px;}#diagram-1775215096845 .edge-thickness-thick{stroke-width:3.5px;}#diagram-1775215096845 .edge-pattern-solid{stroke-dasharray:0;}#diagram-1775215096845 .edge-thickness-invisible{stroke-width:0;fill:none;}#diagram-1775215096845 .edge-pattern-dashed{stroke-dasharray:3;}#diagram-1775215096845 .edge-pattern-dotted{stroke-dasharray:2;}#diagram-1775215096845 .marker{fill:#333333;stroke:#333333;}#diagram-1775215096845 .marker.cross{stroke:#333333;}#diagram-1775215096845 svg{font-family:system-ui,-apple-system,sans-serif;font-size:16px;}#diagram-1775215096845 p{margin:0;}#diagram-1775215096845 .label{font-family:system-ui,-apple-system,sans-serif;color:#333;}#diagram-1775215096845 .cluster-label text{fill:#333;}#diagram-1775215096845 .cluster-label span{color:#333;}#diagram-1775215096845 .cluster-label span p{background-color:transparent;}#diagram-1775215096845 .label text,#diagram-1775215096845 span{fill:#333;color:#333;}#diagram-1775215096845 .node rect,#diagram-1775215096845 .node circle,#diagram-1775215096845 .node ellipse,#diagram-1775215096845 .node polygon,#diagram-1775215096845 .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#diagram-1775215096845 .rough-node .label text,#diagram-1775215096845 .node .label text,#diagram-1775215096845 .image-shape .label,#diagram-1775215096845 .icon-shape .label{text-anchor:middle;}#diagram-1775215096845 .node .katex path{fill:#000;stroke:#000;stroke-width:1px;}#diagram-1775215096845 .rough-node .label,#diagram-1775215096845 .node .label,#diagram-1775215096845 .image-shape .label,#diagram-1775215096845 .icon-shape .label{text-align:center;}#diagram-1775215096845 .node.clickable{cursor:pointer;}#diagram-1775215096845 .root .anchor path{fill:#333333!important;stroke-width:0;stroke:#333333;}#diagram-1775215096845 .arrowheadPath{fill:#333333;}#diagram-1775215096845 .edgePath .path{stroke:#333333;stroke-width:1px;}#diagram-1775215096845 .flowchart-link{stroke:#333333;fill:none;}#diagram-1775215096845 .edgeLabel{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215096845 .edgeLabel p{background-color:rgba(232,232,232, 0.8);}#diagram-1775215096845 .edgeLabel rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215096845 .labelBkg{background-color:rgba(232, 232, 232, 0.5);}#diagram-1775215096845 .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#diagram-1775215096845 .cluster text{fill:#333;}#diagram-1775215096845 .cluster span{color:#333;}#diagram-1775215096845 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#diagram-1775215096845 .flowchartTitleText{text-anchor:middle;font-size:18px;fill:#333;}#diagram-1775215096845 rect.text{fill:none;stroke-width:0;}#diagram-1775215096845 .icon-shape,#diagram-1775215096845 .image-shape{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215096845 .icon-shape p,#diagram-1775215096845 .image-shape p{background-color:rgba(232,232,232, 0.8);padding:2px;}#diagram-1775215096845 .icon-shape .label rect,#diagram-1775215096845 .image-shape .label rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215096845 .label-icon{display:inline-block;height:1em;overflow:visible;vertical-align:-0.125em;}#diagram-1775215096845 .node .label-icon path{fill:currentColor;stroke:revert;stroke-width:revert;}#diagram-1775215096845 .node .neo-node{stroke:#9370DB;}#diagram-1775215096845 [data-look=\"neo\"].node rect,#diagram-1775215096845 [data-look=\"neo\"].cluster rect,#diagram-1775215096845 [data-look=\"neo\"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].node path{stroke:#9370DB;stroke-width:1px;}#diagram-1775215096845 [data-look=\"neo\"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].node .neo-line path{stroke:#9370DB;filter:none;}#diagram-1775215096845 [data-look=\"neo\"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].node circle .state-start{fill:#000000;}#diagram-1775215096845 [data-look=\"neo\"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 [data-look=\"neo\"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215096845 :root{--mermaid-font-family:system-ui,-apple-system,sans-serif;}\u003C\u002Fstyle>\u003Cg>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 10 5 L 0 10 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"4.5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 5 L 10 10 L 10 0 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"11.5\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"10.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 11.5 7 L 0 14 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-pointStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"1\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpolygon points=\"0,7 11.5,14 11.5,0\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpolygon>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"11\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-1\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refY=\"5\" refX=\"12.25\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-circleStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-2\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossEnd\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"12\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossStart\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"-1\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossEnd-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"17.7\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215096845_flowchart-v2-crossStart-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"-3.5\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cg class=\"root\">\u003Cg class=\"clusters\">\u003C\u002Fg>\u003Cg class=\"edgePaths\">\u003Cpath d=\"M186.438,35L190.604,35C194.771,35,203.104,35,210.771,35C218.438,35,225.438,35,228.938,35L232.438,35\" id=\"diagram-1775215096845-L_A_B_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_A_B_0\" data-points=\"W3sieCI6MTg2LjQzNzUsInkiOjM1fSx7IngiOjIxMS40Mzc1LCJ5IjozNX0seyJ4IjoyMzYuNDM3NSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M444.125,35L448.292,35C452.458,35,460.792,35,468.458,35C476.125,35,483.125,35,486.625,35L490.125,35\" id=\"diagram-1775215096845-L_B_C_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_C_0\" data-points=\"W3sieCI6NDQ0LjEyNSwieSI6MzV9LHsieCI6NDY5LjEyNSwieSI6MzV9LHsieCI6NDk0LjEyNSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M695.813,35L699.979,35C704.146,35,712.479,35,720.146,35C727.813,35,734.813,35,738.313,35L741.813,35\" id=\"diagram-1775215096845-L_C_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_D_0\" data-points=\"W3sieCI6Njk1LjgxMjUsInkiOjM1fSx7IngiOjcyMC44MTI1LCJ5IjozNX0seyJ4Ijo3NDUuODEyNSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M919.172,35L923.339,35C927.505,35,935.839,35,943.505,35C951.172,35,958.172,35,961.672,35L965.172,35\" id=\"diagram-1775215096845-L_D_E_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_D_E_0\" data-points=\"W3sieCI6OTE5LjE3MTg3NSwieSI6MzV9LHsieCI6OTQ0LjE3MTg3NSwieSI6MzV9LHsieCI6OTY5LjE3MTg3NSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215096845_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003C\u002Fg>\u003Cg class=\"edgeLabels\">\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_A_B_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_C_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_D_E_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"nodes\">\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-A-0\" data-look=\"classic\" transform=\"translate(97.21875, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#f59e0b !important\" x=\"-89.21875\" y=\"-27\" width=\"178.4375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#000 !important\" transform=\"translate(-59.21875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"118.4375\" height=\"24\">\u003Cdiv style=\"color: rgb(0, 0, 0) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#000 !important\" class=\"nodeLabel \">\u003Cp>Indirect Prompt\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-B-1\" data-look=\"classic\" transform=\"translate(340.28125, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-103.84375\" y=\"-27\" width=\"207.6875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-73.84375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"147.6875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Model Compromise\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-C-3\" data-look=\"classic\" transform=\"translate(594.96875, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-100.84375\" y=\"-27\" width=\"201.6875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-70.84375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"141.6875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Memory Poisoning\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-D-5\" data-look=\"classic\" transform=\"translate(832.4921875, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-86.6796875\" y=\"-27\" width=\"173.359375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-56.6796875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"113.359375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Tool\u002FAPI Abuse\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215096845-flowchart-E-7\" data-look=\"classic\" transform=\"translate(1070.4453125, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#ef4444 !important\" x=\"-101.2734375\" y=\"-27\" width=\"202.546875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-71.2734375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"142.546875\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Rogue Agent Mesh\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cdefs>\u003Cfilter id=\"diagram-1775215096845-drop-shadow\" height=\"130%\" width=\"130%\">\u003CfeDropShadow dx=\"4\" dy=\"4\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Cdefs>\u003Cfilter id=\"diagram-1775215096845-drop-shadow-small\" height=\"150%\" width=\"150%\">\u003CfeDropShadow dx=\"2\" dy=\"2\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Ctext x=\"1174.71875\" y=\"90\" text-anchor=\"end\" fill=\"#6b7280\" stroke=\"#ffffff\" stroke-width=\"3\" paint-order=\"stroke\" font-size=\"11\" font-family=\"system-ui, sans-serif\" opacity=\"0.7\">coreprose.com\u003C\u002Ftext>\u003C\u002Fsvg>\n\u003C\u002Fdiv>\n\u003Chr>\n\u003Ch2>2. Reference Architecture: Defensive AI Control Plane for Cloud and OT\u003C\u002Fh2>\n\u003Cp>Deploy a layered sandbox and execution-risk control plane for every agentic workflow.\u003C\u002Fp>\n\u003Cp>Constrain agents with:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Sandboxed tools and reduced entitlements\u003C\u002Fli>\n\u003Cli>Network egress controls and scoped credentials\u003C\u002Fli>\n\u003Cli>Strict limits on filesystem writes, especially configs, to block persistence and RCE paths \u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For high-risk actions (schema migrations, OT setpoint changes):\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Replace “run with user rights” with explicit policies\u003C\u002Fli>\n\u003Cli>Require approvals and just-in-time elevation\u003C\u002Fli>\n\u003Cli>Prevent LLMs from inheriting full human privileges.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Build a dedicated AI runtime telemetry pipeline, mirroring secure Azure OpenAI patterns \u003Ca href=\"#source-4\" class=\"citation-link\" title=\"View source [4]\">[4]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Centralize prompts, system messages, tool calls, outputs, safety events\u003C\u002Fli>\n\u003Cli>Maintain a unified, time-ordered stream\u003C\u002Fli>\n\u003Cli>Integrate with SIEM and cloud-native AI threat protection\u003C\u002Fli>\n\u003Cli>Correlate semantic anomalies with network, endpoint, and OT data.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Harden the agent layer with prompt-injection-resistant patterns \u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Strict system prompts and role definitions\u003C\u002Fli>\n\u003Cli>Planner–executor separation\u003C\u002Fli>\n\u003Cli>Controlled context routing and whitelisted tools.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Design defense agents as autonomous security co-pilots in the SOC:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Continuously triage AI telemetry\u003C\u002Fli>\n\u003Cli>Reduce alert volume and automate investigations\u003C\u002Fli>\n\u003Cli>Align with demonstrated agentic AI for next-gen security operations \u003Ca href=\"#source-3\" class=\"citation-link\" title=\"View source [3]\">[3]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Apply MAESTRO-style multilayer defense-in-depth \u003Ca href=\"#source-5\" class=\"citation-link\" title=\"View source [5]\">[5]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Inference:\u003C\u002Fstrong> enforce system instructions, content safety gates\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Memory:\u003C\u002Fstrong> isolate, snapshot, and integrity-check memories \u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Planning:\u003C\u002Fstrong> validate plans; simulate risky steps before execution \u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anomaly detection:\u003C\u002Fstrong> route suspicious workflows into quarantine sandboxes isolated from production OT and cloud \u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Key design principle:\u003C\u002Fstrong> Treat defense agents as first-class security components, not ad hoc scripts.\u003C\u002Fp>\n\u003Cdiv class=\"mermaid-diagram not-prose my-6\" role=\"img\" aria-label=\"Diagram\">\n\u003Csvg id=\"diagram-1775215097483\" width=\"100%\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F2000\u002Fsvg\" class=\"flowchart\" style=\"max-width: 423.921875px;\" viewBox=\"0 0 423.921875 615\" role=\"graphics-document document\" aria-roledescription=\"flowchart-v2\">\u003Cstyle>#diagram-1775215097483{font-family:system-ui,-apple-system,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#diagram-1775215097483 .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#diagram-1775215097483 .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#diagram-1775215097483 .error-icon{fill:#552222;}#diagram-1775215097483 .error-text{fill:#552222;stroke:#552222;}#diagram-1775215097483 .edge-thickness-normal{stroke-width:1px;}#diagram-1775215097483 .edge-thickness-thick{stroke-width:3.5px;}#diagram-1775215097483 .edge-pattern-solid{stroke-dasharray:0;}#diagram-1775215097483 .edge-thickness-invisible{stroke-width:0;fill:none;}#diagram-1775215097483 .edge-pattern-dashed{stroke-dasharray:3;}#diagram-1775215097483 .edge-pattern-dotted{stroke-dasharray:2;}#diagram-1775215097483 .marker{fill:#333333;stroke:#333333;}#diagram-1775215097483 .marker.cross{stroke:#333333;}#diagram-1775215097483 svg{font-family:system-ui,-apple-system,sans-serif;font-size:16px;}#diagram-1775215097483 p{margin:0;}#diagram-1775215097483 .label{font-family:system-ui,-apple-system,sans-serif;color:#333;}#diagram-1775215097483 .cluster-label text{fill:#333;}#diagram-1775215097483 .cluster-label span{color:#333;}#diagram-1775215097483 .cluster-label span p{background-color:transparent;}#diagram-1775215097483 .label text,#diagram-1775215097483 span{fill:#333;color:#333;}#diagram-1775215097483 .node rect,#diagram-1775215097483 .node circle,#diagram-1775215097483 .node ellipse,#diagram-1775215097483 .node polygon,#diagram-1775215097483 .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#diagram-1775215097483 .rough-node .label text,#diagram-1775215097483 .node .label text,#diagram-1775215097483 .image-shape .label,#diagram-1775215097483 .icon-shape .label{text-anchor:middle;}#diagram-1775215097483 .node .katex path{fill:#000;stroke:#000;stroke-width:1px;}#diagram-1775215097483 .rough-node .label,#diagram-1775215097483 .node .label,#diagram-1775215097483 .image-shape .label,#diagram-1775215097483 .icon-shape .label{text-align:center;}#diagram-1775215097483 .node.clickable{cursor:pointer;}#diagram-1775215097483 .root .anchor path{fill:#333333!important;stroke-width:0;stroke:#333333;}#diagram-1775215097483 .arrowheadPath{fill:#333333;}#diagram-1775215097483 .edgePath .path{stroke:#333333;stroke-width:1px;}#diagram-1775215097483 .flowchart-link{stroke:#333333;fill:none;}#diagram-1775215097483 .edgeLabel{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215097483 .edgeLabel p{background-color:rgba(232,232,232, 0.8);}#diagram-1775215097483 .edgeLabel rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215097483 .labelBkg{background-color:rgba(232, 232, 232, 0.5);}#diagram-1775215097483 .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#diagram-1775215097483 .cluster text{fill:#333;}#diagram-1775215097483 .cluster span{color:#333;}#diagram-1775215097483 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#diagram-1775215097483 .flowchartTitleText{text-anchor:middle;font-size:18px;fill:#333;}#diagram-1775215097483 rect.text{fill:none;stroke-width:0;}#diagram-1775215097483 .icon-shape,#diagram-1775215097483 .image-shape{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215097483 .icon-shape p,#diagram-1775215097483 .image-shape p{background-color:rgba(232,232,232, 0.8);padding:2px;}#diagram-1775215097483 .icon-shape .label rect,#diagram-1775215097483 .image-shape .label rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215097483 .label-icon{display:inline-block;height:1em;overflow:visible;vertical-align:-0.125em;}#diagram-1775215097483 .node .label-icon path{fill:currentColor;stroke:revert;stroke-width:revert;}#diagram-1775215097483 .node .neo-node{stroke:#9370DB;}#diagram-1775215097483 [data-look=\"neo\"].node rect,#diagram-1775215097483 [data-look=\"neo\"].cluster rect,#diagram-1775215097483 [data-look=\"neo\"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].node path{stroke:#9370DB;stroke-width:1px;}#diagram-1775215097483 [data-look=\"neo\"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].node .neo-line path{stroke:#9370DB;filter:none;}#diagram-1775215097483 [data-look=\"neo\"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].node circle .state-start{fill:#000000;}#diagram-1775215097483 [data-look=\"neo\"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 [data-look=\"neo\"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215097483 :root{--mermaid-font-family:system-ui,-apple-system,sans-serif;}\u003C\u002Fstyle>\u003Cg>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 10 5 L 0 10 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"4.5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 5 L 10 10 L 10 0 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"11.5\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"10.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 11.5 7 L 0 14 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-pointStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"1\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpolygon points=\"0,7 11.5,14 11.5,0\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpolygon>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"11\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-1\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refY=\"5\" refX=\"12.25\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-circleStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-2\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossEnd\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"12\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossStart\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"-1\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossEnd-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"17.7\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215097483_flowchart-v2-crossStart-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"-3.5\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cg class=\"root\">\u003Cg class=\"clusters\">\u003C\u002Fg>\u003Cg class=\"edgePaths\">\u003Cpath d=\"M194.121,62L194.121,66.167C194.121,70.333,194.121,78.667,194.121,86.333C194.121,94,194.121,101,194.121,104.5L194.121,108\" id=\"diagram-1775215097483-L_A_B_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_A_B_0\" data-points=\"W3sieCI6MTk0LjEyMTA5Mzc1LCJ5Ijo2Mn0seyJ4IjoxOTQuMTIxMDkzNzUsInkiOjg3fSx7IngiOjE5NC4xMjEwOTM3NSwieSI6MTEyfV0=\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M234.337,166L240.543,170.167C246.749,174.333,259.162,182.667,265.368,190.333C271.574,198,271.574,205,271.574,208.5L271.574,212\" id=\"diagram-1775215097483-L_B_C_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_C_0\" data-points=\"W3sieCI6MjM0LjMzNzEzOTQyMzA3NjksInkiOjE2Nn0seyJ4IjoyNzEuNTc0MjE4NzUsInkiOjE5MX0seyJ4IjoyNzEuNTc0MjE4NzUsInkiOjIxNn1d\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M153.905,166L147.699,170.167C141.493,174.333,129.08,182.667,122.874,195.5C116.668,208.333,116.668,225.667,116.668,243C116.668,260.333,116.668,277.667,122.321,290.128C127.973,302.59,139.279,310.18,144.931,313.975L150.584,317.77\" id=\"diagram-1775215097483-L_B_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_D_0\" data-points=\"W3sieCI6MTUzLjkwNTA0ODA3NjkyMzEsInkiOjE2Nn0seyJ4IjoxMTYuNjY3OTY4NzUsInkiOjE5MX0seyJ4IjoxMTYuNjY3OTY4NzUsInkiOjI0M30seyJ4IjoxMTYuNjY3OTY4NzUsInkiOjI5NX0seyJ4IjoxNTMuOTA1MDQ4MDc2OTIzMSwieSI6MzIwfV0=\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M271.574,270L271.574,274.167C271.574,278.333,271.574,286.667,265.922,294.628C260.269,302.59,248.963,310.18,243.311,313.975L237.658,317.77\" id=\"diagram-1775215097483-L_C_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_D_0\" data-points=\"W3sieCI6MjcxLjU3NDIxODc1LCJ5IjoyNzB9LHsieCI6MjcxLjU3NDIxODc1LCJ5IjoyOTV9LHsieCI6MjM0LjMzNzEzOTQyMzA3NjksInkiOjMyMH1d\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M194.121,374L194.121,378.167C194.121,382.333,194.121,390.667,194.121,398.333C194.121,406,194.121,413,194.121,416.5L194.121,420\" id=\"diagram-1775215097483-L_D_E_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_D_E_0\" data-points=\"W3sieCI6MTk0LjEyMTA5Mzc1LCJ5IjozNzR9LHsieCI6MTk0LjEyMTA5Mzc1LCJ5IjozOTl9LHsieCI6MTk0LjEyMTA5Mzc1LCJ5Ijo0MjR9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M134.679,478L125.506,482.167C116.333,486.333,97.987,494.667,88.814,502.333C79.641,510,79.641,517,79.641,520.5L79.641,524\" id=\"diagram-1775215097483-L_E_F_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_E_F_0\" data-points=\"W3sieCI6MTM0LjY3OTMxMTg5OTAzODQ1LCJ5Ijo0Nzh9LHsieCI6NzkuNjQwNjI1LCJ5Ijo1MDN9LHsieCI6NzkuNjQwNjI1LCJ5Ijo1Mjh9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M253.563,478L262.736,482.167C271.909,486.333,290.255,494.667,299.428,502.333C308.602,510,308.602,517,308.602,520.5L308.602,524\" id=\"diagram-1775215097483-L_E_G_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_E_G_0\" data-points=\"W3sieCI6MjUzLjU2Mjg3NTYwMDk2MTU1LCJ5Ijo0Nzh9LHsieCI6MzA4LjYwMTU2MjUsInkiOjUwM30seyJ4IjozMDguNjAxNTYyNSwieSI6NTI4fV0=\" data-look=\"classic\" marker-end=\"url(#diagram-1775215097483_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003C\u002Fg>\u003Cg class=\"edgeLabels\">\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_A_B_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_C_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_D_E_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_E_F_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_E_G_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"nodes\">\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-A-0\" data-look=\"classic\" transform=\"translate(194.12109375, 35)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-88.03125\" y=\"-27\" width=\"176.0625\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-58.03125, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"116.0625\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>User \u002F OT Event\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-B-1\" data-look=\"classic\" transform=\"translate(194.12109375, 139)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-109.171875\" y=\"-27\" width=\"218.34375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-79.171875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"158.34375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Business LLM Agents\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-C-2\" data-look=\"classic\" transform=\"translate(271.57421875, 243)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-119.90625\" y=\"-27\" width=\"239.8125\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-89.90625, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"179.8125\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Sandboxed Tools & APIs\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-D-3\" data-look=\"classic\" transform=\"translate(194.12109375, 347)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-109.1484375\" y=\"-27\" width=\"218.296875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-79.1484375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"158.296875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>AI Telemetry Pipeline\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-E-4\" data-look=\"classic\" transform=\"translate(194.12109375, 451)\">\u003Crect class=\"basic label-container\" style=\"fill:#22c55e !important\" x=\"-123.0859375\" y=\"-27\" width=\"246.171875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-93.0859375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"186.171875\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Runtime Defense Agents\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-F-5\" data-look=\"classic\" transform=\"translate(79.640625, 555)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-71.640625\" y=\"-27\" width=\"143.28125\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-41.640625, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"83.28125\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>SIEM \u002F SOC\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215097483-flowchart-G-6\" data-look=\"classic\" transform=\"translate(308.6015625, 555)\">\u003Crect class=\"basic label-container\" style=\"fill:#f59e0b !important\" x=\"-107.3203125\" y=\"-27\" width=\"214.640625\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#000 !important\" transform=\"translate(-77.3203125, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"154.640625\" height=\"24\">\u003Cdiv style=\"color: rgb(0, 0, 0) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#000 !important\" class=\"nodeLabel \">\u003Cp>Quarantine Sandbox\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cdefs>\u003Cfilter id=\"diagram-1775215097483-drop-shadow\" height=\"130%\" width=\"130%\">\u003CfeDropShadow dx=\"4\" dy=\"4\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Cdefs>\u003Cfilter id=\"diagram-1775215097483-drop-shadow-small\" height=\"150%\" width=\"150%\">\u003CfeDropShadow dx=\"2\" dy=\"2\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Ctext x=\"418.921875\" y=\"610\" text-anchor=\"end\" fill=\"#6b7280\" stroke=\"#ffffff\" stroke-width=\"3\" paint-order=\"stroke\" font-size=\"11\" font-family=\"system-ui, sans-serif\" opacity=\"0.7\">coreprose.com\u003C\u002Ftext>\u003C\u002Fsvg>\n\u003C\u002Fdiv>\n\u003Chr>\n\u003Ch2>3. Operational Playbook: Detect, Contain, and Roll Back Rogue Agents\u003C\u002Fh2>\n\u003Cp>Treat prompt injection and jailbreaking as observable runtime events.\u003C\u002Fp>\n\u003Cp>Build a detection stack that flags \u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Role overrides and “ignore previous instructions” patterns\u003C\u002Fli>\n\u003Cli>Sudden escalation in tools, permissions, or OT impact\u003C\u002Fli>\n\u003Cli>Context hijacking where untrusted content injects policies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Encode the full agent kill chain into rules \u003Ca href=\"#source-10\" class=\"citation-link\" title=\"View source [10]\">[10]\u003C\u002Fa>\u003Ca href=\"#source-6\" class=\"citation-link\" title=\"View source [6]\">[6]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Input manipulation → model compromise → system attacks → protocol exploits\u003C\u002Fli>\n\u003Cli>Patterns like Prompt-to-SQL injection and Toxic Agent Flow across plugins and MCP servers.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Effective detection combines \u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Semantic patterns in prompts\u002Fresponses\u003C\u002Fli>\n\u003Cli>Deviations from normal tool sequences and timing\u003C\u002Fli>\n\u003Cli>Cross-signal anomalies from network, endpoint, and OT telemetry.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Containment must be dynamic; defense agents should \u003Ca href=\"#source-1\" class=\"citation-link\" title=\"View source [1]\">[1]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Downgrade an agent’s privileges in real time\u003C\u002Fli>\n\u003Cli>Revoke individual tools or network scopes\u003C\u002Fli>\n\u003Cli>Push compromised agents into high-friction approval modes requiring human sign-off.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For rollback, treat telemetry as the recovery oracle \u003Ca href=\"#source-12\" class=\"citation-link\" title=\"View source [12]\">[12]\u003C\u002Fa>\u003Ca href=\"#source-2\" class=\"citation-link\" title=\"View source [2]\">[2]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Detect memory poisoning or faulty adaptations\u003C\u002Fli>\n\u003Cli>Restore clean memory snapshots\u003C\u002Fli>\n\u003Cli>Revert configuration changes and OT plans to trusted baselines.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Incident response must assume AI-specific, malware-free runtime attacks \u003Ca href=\"#source-11\" class=\"citation-link\" title=\"View source [11]\">[11]\u003C\u002Fa>\u003Ca href=\"#source-7\" class=\"citation-link\" title=\"View source [7]\">[7]\u003C\u002Fa>\u003Ca href=\"#source-8\" class=\"citation-link\" title=\"View source [8]\">[8]\u003C\u002Fa>\u003Ca href=\"#source-9\" class=\"citation-link\" title=\"View source [9]\">[9]\u003C\u002Fa>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Enforce rapid patch and model-update cycles (sub-72-hour windows)\u003C\u002Fli>\n\u003Cli>Continuously red-team with curated prompt-injection and jailbreak suites\u003C\u002Fli>\n\u003Cli>Use results to tune policies, sandboxes, and detection thresholds.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cdiv class=\"mermaid-diagram not-prose my-6\" role=\"img\" aria-label=\"Diagram\">\n\u003Csvg id=\"diagram-1775215098174\" width=\"100%\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F2000\u002Fsvg\" class=\"flowchart\" style=\"max-width: 1181.9375px;\" viewBox=\"0 0 1181.9375 199\" role=\"graphics-document document\" aria-roledescription=\"flowchart-v2\">\u003Cstyle>#diagram-1775215098174{font-family:system-ui,-apple-system,sans-serif;font-size:16px;fill:#333;}@keyframes edge-animation-frame{from{stroke-dashoffset:0;}}@keyframes dash{to{stroke-dashoffset:0;}}#diagram-1775215098174 .edge-animation-slow{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 50s linear infinite;stroke-linecap:round;}#diagram-1775215098174 .edge-animation-fast{stroke-dasharray:9,5!important;stroke-dashoffset:900;animation:dash 20s linear infinite;stroke-linecap:round;}#diagram-1775215098174 .error-icon{fill:#552222;}#diagram-1775215098174 .error-text{fill:#552222;stroke:#552222;}#diagram-1775215098174 .edge-thickness-normal{stroke-width:1px;}#diagram-1775215098174 .edge-thickness-thick{stroke-width:3.5px;}#diagram-1775215098174 .edge-pattern-solid{stroke-dasharray:0;}#diagram-1775215098174 .edge-thickness-invisible{stroke-width:0;fill:none;}#diagram-1775215098174 .edge-pattern-dashed{stroke-dasharray:3;}#diagram-1775215098174 .edge-pattern-dotted{stroke-dasharray:2;}#diagram-1775215098174 .marker{fill:#333333;stroke:#333333;}#diagram-1775215098174 .marker.cross{stroke:#333333;}#diagram-1775215098174 svg{font-family:system-ui,-apple-system,sans-serif;font-size:16px;}#diagram-1775215098174 p{margin:0;}#diagram-1775215098174 .label{font-family:system-ui,-apple-system,sans-serif;color:#333;}#diagram-1775215098174 .cluster-label text{fill:#333;}#diagram-1775215098174 .cluster-label span{color:#333;}#diagram-1775215098174 .cluster-label span p{background-color:transparent;}#diagram-1775215098174 .label text,#diagram-1775215098174 span{fill:#333;color:#333;}#diagram-1775215098174 .node rect,#diagram-1775215098174 .node circle,#diagram-1775215098174 .node ellipse,#diagram-1775215098174 .node polygon,#diagram-1775215098174 .node path{fill:#ECECFF;stroke:#9370DB;stroke-width:1px;}#diagram-1775215098174 .rough-node .label text,#diagram-1775215098174 .node .label text,#diagram-1775215098174 .image-shape .label,#diagram-1775215098174 .icon-shape .label{text-anchor:middle;}#diagram-1775215098174 .node .katex path{fill:#000;stroke:#000;stroke-width:1px;}#diagram-1775215098174 .rough-node .label,#diagram-1775215098174 .node .label,#diagram-1775215098174 .image-shape .label,#diagram-1775215098174 .icon-shape .label{text-align:center;}#diagram-1775215098174 .node.clickable{cursor:pointer;}#diagram-1775215098174 .root .anchor path{fill:#333333!important;stroke-width:0;stroke:#333333;}#diagram-1775215098174 .arrowheadPath{fill:#333333;}#diagram-1775215098174 .edgePath .path{stroke:#333333;stroke-width:1px;}#diagram-1775215098174 .flowchart-link{stroke:#333333;fill:none;}#diagram-1775215098174 .edgeLabel{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215098174 .edgeLabel p{background-color:rgba(232,232,232, 0.8);}#diagram-1775215098174 .edgeLabel rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215098174 .labelBkg{background-color:rgba(232, 232, 232, 0.5);}#diagram-1775215098174 .cluster rect{fill:#ffffde;stroke:#aaaa33;stroke-width:1px;}#diagram-1775215098174 .cluster text{fill:#333;}#diagram-1775215098174 .cluster span{color:#333;}#diagram-1775215098174 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;background:hsl(80, 100%, 96.2745098039%);border:1px solid #aaaa33;border-radius:2px;pointer-events:none;z-index:100;}#diagram-1775215098174 .flowchartTitleText{text-anchor:middle;font-size:18px;fill:#333;}#diagram-1775215098174 rect.text{fill:none;stroke-width:0;}#diagram-1775215098174 .icon-shape,#diagram-1775215098174 .image-shape{background-color:rgba(232,232,232, 0.8);text-align:center;}#diagram-1775215098174 .icon-shape p,#diagram-1775215098174 .image-shape p{background-color:rgba(232,232,232, 0.8);padding:2px;}#diagram-1775215098174 .icon-shape .label rect,#diagram-1775215098174 .image-shape .label rect{opacity:0.5;background-color:rgba(232,232,232, 0.8);fill:rgba(232,232,232, 0.8);}#diagram-1775215098174 .label-icon{display:inline-block;height:1em;overflow:visible;vertical-align:-0.125em;}#diagram-1775215098174 .node .label-icon path{fill:currentColor;stroke:revert;stroke-width:revert;}#diagram-1775215098174 .node .neo-node{stroke:#9370DB;}#diagram-1775215098174 [data-look=\"neo\"].node rect,#diagram-1775215098174 [data-look=\"neo\"].cluster rect,#diagram-1775215098174 [data-look=\"neo\"].node polygon{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].node path{stroke:#9370DB;stroke-width:1px;}#diagram-1775215098174 [data-look=\"neo\"].node .outer-path{filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].node .neo-line path{stroke:#9370DB;filter:none;}#diagram-1775215098174 [data-look=\"neo\"].node circle{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].node circle .state-start{fill:#000000;}#diagram-1775215098174 [data-look=\"neo\"].icon-shape .icon{fill:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 [data-look=\"neo\"].icon-shape .icon-neo path{stroke:#9370DB;filter:drop-shadow(1px 2px 2px rgba(185, 185, 185, 1));}#diagram-1775215098174 :root{--mermaid-font-family:system-ui,-apple-system,sans-serif;}\u003C\u002Fstyle>\u003Cg>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 10 5 L 0 10 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"4.5\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"8\" markerHeight=\"8\" orient=\"auto\">\u003Cpath d=\"M 0 5 L 10 10 L 10 0 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"11.5\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"10.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpath d=\"M 0 0 L 11.5 7 L 0 14 z\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-pointStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 11.5 14\" refX=\"1\" refY=\"7\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11.5\" markerHeight=\"14\" orient=\"auto\">\u003Cpolygon points=\"0,7 11.5,14 11.5,0\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fpolygon>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleEnd\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"11\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleStart\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-1\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 1; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleEnd-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refY=\"5\" refX=\"12.25\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-circleStart-margin\" class=\"marker flowchart-v2\" viewBox=\"0 0 10 10\" refX=\"-2\" refY=\"5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"14\" markerHeight=\"14\" orient=\"auto\">\u003Ccircle cx=\"5\" cy=\"5\" r=\"5\" class=\"arrowMarkerPath\" style=\"stroke-width: 0; stroke-dasharray: 1, 0;\">\u003C\u002Fcircle>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossEnd\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"12\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossStart\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 11 11\" refX=\"-1\" refY=\"5.2\" markerUnits=\"userSpaceOnUse\" markerWidth=\"11\" markerHeight=\"11\" orient=\"auto\">\u003Cpath d=\"M 1,1 l 9,9 M 10,1 l -9,9\" class=\"arrowMarkerPath\" style=\"stroke-width: 2; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossEnd-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"17.7\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cmarker id=\"diagram-1775215098174_flowchart-v2-crossStart-margin\" class=\"marker cross flowchart-v2\" viewBox=\"0 0 15 15\" refX=\"-3.5\" refY=\"7.5\" markerUnits=\"userSpaceOnUse\" markerWidth=\"12\" markerHeight=\"12\" orient=\"auto\">\u003Cpath d=\"M 1,1 L 14,14 M 1,14 L 14,1\" class=\"arrowMarkerPath\" style=\"stroke-width: 2.5; stroke-dasharray: 1, 0;\">\u003C\u002Fpath>\u003C\u002Fmarker>\u003Cg class=\"root\">\u003Cg class=\"clusters\">\u003C\u002Fg>\u003Cg class=\"edgePaths\">\u003Cpath d=\"M177.922,87L182.089,87C186.255,87,194.589,87,202.255,87C209.922,87,216.922,87,220.422,87L223.922,87\" id=\"diagram-1775215098174-L_A_B_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_A_B_0\" data-points=\"W3sieCI6MTc3LjkyMTg3NSwieSI6ODd9LHsieCI6MjAyLjkyMTg3NSwieSI6ODd9LHsieCI6MjI3LjkyMTg3NSwieSI6ODd9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M430.766,87L434.932,87C439.099,87,447.432,87,455.099,87C462.766,87,469.766,87,473.266,87L476.766,87\" id=\"diagram-1775215098174-L_B_C_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_B_C_0\" data-points=\"W3sieCI6NDMwLjc2NTYyNSwieSI6ODd9LHsieCI6NDU1Ljc2NTYyNSwieSI6ODd9LHsieCI6NDgwLjc2NTYyNSwieSI6ODd9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M623.439,60L632.282,55.833C641.126,51.667,658.813,43.333,671.156,39.167C683.5,35,690.5,35,694,35L697.5,35\" id=\"diagram-1775215098174-L_C_D_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_D_0\" data-points=\"W3sieCI6NjIzLjQzODg1MjE2MzQ2MTUsInkiOjYwfSx7IngiOjY3Ni41LCJ5IjozNX0seyJ4Ijo3MDEuNSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M918.797,35L922.964,35C927.13,35,935.464,35,943.13,35C950.797,35,957.797,35,961.297,35L964.797,35\" id=\"diagram-1775215098174-L_D_E_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_D_E_0\" data-points=\"W3sieCI6OTE4Ljc5Njg3NSwieSI6MzV9LHsieCI6OTQzLjc5Njg3NSwieSI6MzV9LHsieCI6OTY4Ljc5Njg3NSwieSI6MzV9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003Cpath d=\"M623.439,114L632.282,118.167C641.126,122.333,658.813,130.667,676.733,134.833C694.654,139,712.807,139,721.884,139L730.961,139\" id=\"diagram-1775215098174-L_C_F_0\" class=\" edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link\" style=\";\" data-edge=\"true\" data-et=\"edge\" data-id=\"L_C_F_0\" data-points=\"W3sieCI6NjIzLjQzODg1MjE2MzQ2MTUsInkiOjExNH0seyJ4Ijo2NzYuNSwieSI6MTM5fSx7IngiOjczNC45NjA5Mzc1LCJ5IjoxMzl9XQ==\" data-look=\"classic\" marker-end=\"url(#diagram-1775215098174_flowchart-v2-pointEnd)\">\u003C\u002Fpath>\u003C\u002Fg>\u003Cg class=\"edgeLabels\">\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_A_B_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_B_C_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_D_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_D_E_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"edgeLabel\">\u003Cg class=\"label\" data-id=\"L_C_F_0\" transform=\"translate(0, 0)\">\u003CforeignObject width=\"0\" height=\"0\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" class=\"labelBkg\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"edgeLabel \">\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"nodes\">\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-A-0\" data-look=\"classic\" transform=\"translate(92.9609375, 87)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-84.9609375\" y=\"-27\" width=\"169.921875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-54.9609375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"109.921875\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>LLM Telemetry\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-B-1\" data-look=\"classic\" transform=\"translate(329.34375, 87)\">\u003Crect class=\"basic label-container\" style=\"fill:#f59e0b !important\" x=\"-101.421875\" y=\"-27\" width=\"202.84375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#000 !important\" transform=\"translate(-71.421875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"142.84375\" height=\"24\">\u003Cdiv style=\"color: rgb(0, 0, 0) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#000 !important\" class=\"nodeLabel \">\u003Cp>Anomaly Detection\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-C-2\" data-look=\"classic\" transform=\"translate(566.1328125, 87)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-85.3671875\" y=\"-27\" width=\"170.734375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-55.3671875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"110.734375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>Defense Agent\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-D-3\" data-look=\"classic\" transform=\"translate(810.1484375, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#ef4444 !important\" x=\"-108.6484375\" y=\"-27\" width=\"217.296875\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-78.6484375, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"157.296875\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Containment Actions\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-E-4\" data-look=\"classic\" transform=\"translate(1071.3671875, 35)\">\u003Crect class=\"basic label-container\" style=\"fill:#22c55e !important\" x=\"-102.5703125\" y=\"-27\" width=\"205.140625\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"color:#fff !important\" transform=\"translate(-72.5703125, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"145.140625\" height=\"24\">\u003Cdiv style=\"color: rgb(255, 255, 255) !important; display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\" xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\">\u003Cspan style=\"color:#fff !important\" class=\"nodeLabel \">\u003Cp>Rollback \u002F Recovery\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003Cg class=\"node default  \" id=\"diagram-1775215098174-flowchart-F-5\" data-look=\"classic\" transform=\"translate(810.1484375, 139)\">\u003Crect class=\"basic label-container\" style=\"\" x=\"-75.1875\" y=\"-27\" width=\"150.375\" height=\"54\">\u003C\u002Frect>\u003Cg class=\"label\" style=\"\" transform=\"translate(-45.1875, -12)\">\u003Crect>\u003C\u002Frect>\u003CforeignObject width=\"90.375\" height=\"24\">\u003Cdiv xmlns=\"http:\u002F\u002Fwww.w3.org\u002F1999\u002Fxhtml\" style=\"display: table-cell; white-space: nowrap; line-height: 1.5; max-width: 200px; text-align: center;\">\u003Cspan class=\"nodeLabel \">\u003Cp>SOC Analyst\u003C\u002Fp>\u003C\u002Fspan>\u003C\u002Fdiv>\u003C\u002FforeignObject>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003C\u002Fg>\u003Cdefs>\u003Cfilter id=\"diagram-1775215098174-drop-shadow\" height=\"130%\" width=\"130%\">\u003CfeDropShadow dx=\"4\" dy=\"4\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Cdefs>\u003Cfilter id=\"diagram-1775215098174-drop-shadow-small\" height=\"150%\" width=\"150%\">\u003CfeDropShadow dx=\"2\" dy=\"2\" stdDeviation=\"0\" flood-opacity=\"0.06\" flood-color=\"#000000\">\u003C\u002FfeDropShadow>\u003C\u002Ffilter>\u003C\u002Fdefs>\u003Ctext x=\"1176.9375\" y=\"194\" text-anchor=\"end\" fill=\"#6b7280\" stroke=\"#ffffff\" stroke-width=\"3\" paint-order=\"stroke\" font-size=\"11\" font-family=\"system-ui, sans-serif\" opacity=\"0.7\">coreprose.com\u003C\u002Ftext>\u003C\u002Fsvg>\n\u003C\u002Fdiv>\n\u003Cp>\u003Cstrong>Key takeaway:\u003C\u002Fstrong> Defense agents operationalize “detect, contain, recover” for AI, turning prompt-injection risk into concrete, automatable runbooks.\u003C\u002Fp>\n\u003Chr>\n\u003Ch2>Conclusion: Turning AI into a Security Control Plane\u003C\u002Fh2>\n\u003Cp>Runtime defense agents transform AI from a fragile attack surface into an active security control plane. By sandboxing tools, centralizing telemetry, and deploying autonomous defense agents, organizations can continuously observe, score, and intervene on LLM behavior across cloud and OT—before attackers do.\u003C\u002Fp>\n","As agentic LLMs gain direct control over cloud and OT, they become privileged insiders with machine-speed access to APIs, data, and control systems. Non-human identities (NHIs) will outnumber humans 8...","safety",[],970,5,"2026-02-11T21:54:36.390Z",[17,22,26,30,34,38,42,46,50,54],{"title":18,"url":19,"summary":20,"type":21},"Practical Security Guidance for Sandboxing Agentic Workflows and Managing Execution Risk","https:\u002F\u002Fdeveloper.nvidia.com\u002Fblog\u002Fpractical-security-guidance-for-sandboxing-agentic-workflows-and-managing-execution-risk\u002F","Practical Security Guidance for Sandboxing Agentic Workflows and Managing Execution Risk\n\nAI coding agents enable developers to work faster by streamlining tasks and driving automated, test-driven dev...","kb",{"title":23,"url":24,"summary":25,"type":21},"How Can Engineers Monitor and Respond to Evolving LLM-Based Security Incidents?","https:\u002F\u002Fwww.modernsecurity.io\u002Fpages\u002Fblog?p=how-engineers-monitor-respond-llm-security-incidents","AI Security\n\n October 18th, 2025 7 minute read\n\nEngineers in development and cybersecurity roles face escalating challenges from LLM-based security incidents, where large language models (LLMs) are ex...",{"title":27,"url":28,"summary":29,"type":21},"Agentic AI for next-gen cybersecurity operations","https:\u002F\u002Fwww.leewayhertz.com\u002Fagentic-ai-in-cybersecurity\u002F","Agentic AI for next-gen cybersecurity operations\n\nCyber threats are escalating in volume and sophistication, costing enterprises an average of [$4.88 million per breach in 2024]. Traditional security ...",{"title":31,"url":32,"summary":33,"type":21},"Securing GenAI Workloads in Azure: A Complete Guide to Monitoring and Threat Protection - AIO11Y | Microsoft Community Hub","https:\u002F\u002Ftechcommunity.microsoft.com\u002Fblog\u002Fmicrosoftdefendercloudblog\u002Fsecuring-genai-workloads-in-azure-a-complete-guide-to-monitoring-and-threat-prot\u002F4463145","Securing Azure OpenAI workloads requires a fundamentally different approach than traditional application security. While firewalls and SIEMs protect against conventional threats, they often miss AI-sp...",{"title":35,"url":36,"summary":37,"type":21},"Design Patterns for Securing LLM Agents against Prompt Injections","https:\u002F\u002Farxiv.org\u002Fhtml\u002F2506.08837v2","Abstract\nAs AI agents powered by Large Language Models (LLMs) become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge...",{"title":39,"url":40,"summary":41,"type":21},"Anatomy of an Attack Chain Inside the Moltbook AI Social Network The Agent Internet is Broken","https:\u002F\u002Fwww.penligent.ai\u002Fhackinglabs\u002Fanatomy-of-an-attack-chain-inside-the-moltbook-ai-social-network-the-agent-internet-is-broken\u002F","The internet is undergoing a phase transition from human-centric interaction to agent-centric execution. Platforms like the moltbook ai social network are no longer just social feeds; they are transac...",{"title":43,"url":44,"summary":45,"type":21},"How to Set Up Prompt Injection Detection for Your LLM Stack","https:\u002F\u002Fneuraltrust.ai\u002Fblog\u002Fprompt-injection-detection-llm-stack","How to Set Up Prompt Injection Detection for Your LLM Stack\n\nEduard Camacho • June 3, 2025\n\nContents\n\nWhy Prompt Injection Detection Matters Core Components of a Detection-Ready LLM Stack Anomaly Sign...",{"title":47,"url":48,"summary":49,"type":21},"The 6 security shifts AI teams can't ignore in 2026 - Gradient Flow","https:\u002F\u002Fgradientflow.com\u002Fsecurity-for-ai-native-companies-what-changes-in-2026\u002F","The AI-Native Security Playbook: Six Essential Shifts\n\nAs we expand from AI-assisted tools to AI-native operations, the security landscape is undergoing a structural transformation. Those building, sc...",{"title":51,"url":52,"summary":53,"type":21},"LLM Security Checklist: Essential Steps for Identifying and Blocking Jailbreak Attempts","https:\u002F\u002Fwww.lookout.com\u002Fblog\u002Fjailbreaking","LLM Security Checklist: Essential Steps for Identifying and Blocking Jailbreak Attempts\n\nIf your organization uses a private [large language model (LLM)](https:\u002F\u002Fwww.lookout.com\u002Fblog\u002Flarge-language-mo...",{"title":55,"url":56,"summary":57,"type":21},"From Prompt Injections to Protocol Exploits: Threats in LLM-Powered AI Agents Workflows","https:\u002F\u002Farxiv.org\u002Fhtml\u002F2506.23260v2","Autonomous AI agents powered by large language models (LLMs) with structured function-calling interfaces have greatly expanded capabilities for real-time data retrieval, computation, and multi-step or...",null,{"generationDuration":60,"kbQueriesCount":61,"confidenceScore":62,"sourcesCount":63},89101,12,100,10,{"metaTitle":6,"metaDescription":10},"en","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1726804973614-cf66e4882874?w=1200&h=630&fit=crop&crop=entropy&q=60&auto=format,compress",{"photographerName":68,"photographerUrl":69,"unsplashUrl":70},"Saung Digital","https:\u002F\u002Funsplash.com\u002F@saungdigital?utm_source=coreprose&utm_medium=referral","https:\u002F\u002Funsplash.com\u002Fphotos\u002Fa-group-of-statues-sitting-on-top-of-a-table-L_JF8Bgw6Io?utm_source=coreprose&utm_medium=referral",false,{"key":73,"name":74,"nameEn":74},"ai-engineering","AI Engineering & LLM Ops",[76,84,92,100],{"id":77,"title":78,"slug":79,"excerpt":80,"category":81,"featuredImage":82,"publishedAt":83},"69fc80447894807ad7bc3111","Cadence's ChipStack Mental Model: A New Blueprint for Agent-Driven Chip Design","cadence-s-chipstack-mental-model-a-new-blueprint-for-agent-driven-chip-design","From Human Intuition to ChipStack’s Mental Model\n\nModern AI-era SoCs are limited less by EDA speed than by how fast scarce verification talent can turn messy specs into solid RTL, testbenches, and clo...","trend-radar","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1564707944519-7a116ef3841c?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxNnx8YXJ0aWZpY2lhbCUyMGludGVsbGlnZW5jZSUyMHRlY2hub2xvZ3l8ZW58MXwwfHx8MTc3ODE1NTU4OHww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-05-07T12:11:49.993Z",{"id":85,"title":86,"slug":87,"excerpt":88,"category":89,"featuredImage":90,"publishedAt":91},"69ec35c9e96ba002c5b857b0","Anthropic Claude Code npm Source Map Leak: When Packaging Turns into a Security Incident","anthropic-claude-code-npm-source-map-leak-when-packaging-turns-into-a-security-incident","When an AI coding tool’s minified JavaScript quietly ships its full TypeScript via npm source maps, it is not just leaking “how the product works.”  \n\nIt can expose:\n\n- Model orchestration logic  \n- A...","security","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1770278856325-e313d121ea16?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxNnx8Y3liZXJzZWN1cml0eSUyMHRlY2hub2xvZ3l8ZW58MXwwfHx8MTc3NzA4ODMyMXww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-04-25T03:38:40.358Z",{"id":93,"title":94,"slug":95,"excerpt":96,"category":97,"featuredImage":98,"publishedAt":99},"69ea97b44d7939ebf3b76ac6","Lovable Vibe Coding Platform Exposes 48 Days of AI Prompts: Multi‑Tenant KV-Cache Failure and How to Fix It","lovable-vibe-coding-platform-exposes-48-days-of-ai-prompts-multi-tenant-kv-cache-failure-and-how-to-fix-it","From Product Darling to Incident Report: What Happened\n\nLovable Vibe was a “lovable” AI coding assistant inside IDE-like workflows.  \nIt powered:\n\n- Autocomplete, refactors, code reviews  \n- Chat over...","hallucinations","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1771942202908-6ce86ef73701?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxsb3ZhYmxlJTIwdmliZSUyMGNvZGluZyUyMHBsYXRmb3JtfGVufDF8MHx8fDE3NzY5OTk3MTB8MA&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-04-23T22:12:17.628Z",{"id":101,"title":102,"slug":103,"excerpt":104,"category":97,"featuredImage":105,"publishedAt":106},"69ea7a6f29f0ff272d10c43b","Anthropic Mythos AI: Inside the ‘Too Dangerous’ Cybersecurity Model and What Engineers Must Do Next","anthropic-mythos-ai-inside-the-too-dangerous-cybersecurity-model-and-what-engineers-must-do-next","Anthropic’s Mythos is the first mainstream large language model whose creators publicly argued it was “too dangerous” to release, after internal tests showed it could autonomously surface thousands of...","https:\u002F\u002Fimages.unsplash.com\u002Fphoto-1728547874364-d5a7b7927c5b?ixid=M3w4OTczNDl8MHwxfHNlYXJjaHwxfHxhbnRocm9waWMlMjBteXRob3MlMjBpbnNpZGUlMjB0b298ZW58MXwwfHx8MTc3Njk3NjU3Nnww&ixlib=rb-4.1.0&w=1200&h=630&fit=crop&crop=entropy&auto=format,compress&q=60","2026-04-23T20:09:25.832Z",["Island",108],{"key":109,"params":110,"result":112},"ArticleBody_iEbQmJwUglesQtC1KUsxbfOsXBXdr4zIkoxPeIeAMQ",{"props":111},"{\"articleId\":\"698cf43483368a9e468b5035\",\"linkColor\":\"red\"}",{"head":113},{}]