Running AI agents safely in CI/CD: a 2026 hardening guide.
May 29, 2026 · 14 min read
The Comment and Control disclosures in 2025 showed a PR title can be enough to exfiltrate ANTHROPIC_API_KEY and GITHUB_TOKEN from CI-resident AI agents. Here is where the secrets actually live in a GitHub Actions run, the OIDC and egress patterns that shrink the blast radius, and a worked example.
Priyansh Khodiyar
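As an added illustration (constructed for this page, not the article's own worked example), here is one GitHub Actions job for a CI-resident agent in two shapes: first the pattern the abstract warns about, where the agent step holds long-lived secrets while reading the untrusted PR title, then a hardened version with a read-only `GITHUB_TOKEN`, OIDC in place of stored cloud keys, and blocked egress. The `step-security/harden-runner` and `aws-actions/configure-aws-credentials` actions, the `./agent` binary, the role ARN and the allowed hosts are assumptions.

```yaml
# Constructed example, not the article's worked example: one agent job, before and after.
# --- Before: the shape the abstract warns about ---
on:
  pull_request_target:                   # runs with repo secrets even for fork PRs
jobs:
  agent-review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run agent on the PR
        env:
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}  # long-lived key in the agent's env
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}            # write scope unless narrowed
        run: |
          # untrusted PR title is interpolated into the shell and becomes the agent's prompt
          ./agent review --title "${{ github.event.pull_request.title }}"
---
# --- After: read-only token, OIDC instead of stored cloud keys, blocked egress ---
on:
  pull_request:                          # fork PRs get no repo secrets at all
permissions:
  contents: read                         # GITHUB_TOKEN cannot push or comment
  id-token: write                        # job may request an OIDC token
jobs:
  agent-review:
    runs-on: ubuntu-latest
    steps:
      - uses: step-security/harden-runner@v2      # assumed egress-control action
        with:
          egress-policy: block
          allowed-endpoints: >
            api.github.com:443
            api.anthropic.com:443
      - uses: actions/checkout@v4
        with:
          persist-credentials: false     # keep GITHUB_TOKEN out of .git/config
      - uses: aws-actions/configure-aws-credentials@v4   # short-lived creds via OIDC, no stored AWS key
        with:
          role-to-assume: arn:aws:iam::000000000000:role/ci-agent   # placeholder role
          aws-region: us-east-1
      - name: Run agent on the PR
        env:
          PR_TITLE: ${{ github.event.pull_request.title }}     # pass via env, never shell-interpolate
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}  # the only secret this step still holds
        run: ./agent review --title "$PR_TITLE"
```

The hardened job still exposes the model key to the agent process; the gain is that a hijacked agent can no longer push with the token, reach an arbitrary host, or find a long-lived cloud key in its environment.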