A new agent coding concept uses an invisibility cloak to provide security by design for vibe-coded apps.
AI coding is a boon, a threat, and an opportunity. Development becomes dramatically easier; the risk of releasing insecure apps grows; and yet it opens a real chance to achieve true security by design.
The fundamental problem is that it took the security industry 50 years to learn that the perimeter that needs protecting on the Internet is not the network edge but the individual identity of every entity involved. We are learning that now, but only after decades of layering on security controls that would have been unnecessary had the Internet itself been built securely by design.
But now that AI coding has taken over the Internet, everything we have learned over those 50 years is at risk of being thrown away. Rather than building apps that are secure by design, AI coding builds apps for speed and ease of development. New apps are being built by anyone, with or without coding or security expertise, and they pull in open source code that carries unsecured identities and known vulnerabilities.
Atsign launched AI Architect to tackle this problem. The issue was recently summarized by Broadband-Testing Ltd.: “Securing these generated or agent apps is not always at the top of the ‘to do’ list before launching an app into the world. This is sugar-coated ethereal candy for cyber attackers, especially if your app is in a supply chain environment. However, companies are under pressure to make the most of the ‘AI moment’ and gain a long-standing competitive advantage over rivals. We simply want more AI apps out there.”
As a result, new apps are more likely to contain unknown vulnerabilities. A key element of Atsign’s approach to security, however, is that a compromised identity is the primary attack vector for exploiting nearly all vulnerabilities. Once your identities are protected, a vulnerability may remain in the code, but the attacker’s path to it is cut off: it is neutralized rather than removed.
Learn more at the AI Risk Summit | Ritz-Carlton, Half Moon Bay
Atsign already has experience in this field. Its platform protects all human and non-human identities through strong encryption, so an adversary’s scans find nothing they can recognize as an identity or a credential: the identity is invisible to the attacker. Attackers cannot attack what they cannot see, and without credentials they cannot exploit vulnerabilities through a stolen login.
Now, Atsign has brought this concept into its AI coding process through its AI Architect product, which adds security value to vibe coding. “Most AI development tools stop at code generation, but enterprise AI development doesn’t start with code, it starts with architecture, governance, security boundaries, and system behavior,” explains Aparna Rayasam, CEO of Atsign. That is what AI Architect is for: it generates finely tuned, precise prompts that help developers specify the purpose of their app and constrain the agent to generating only safe and relevant code.
The process is independent of the coding agent and LLM the developer chooses. All that is required is to configure the agent to use AI Architect’s own custom MCP server.
That MCP server (Atsign calls it AAIA, for Atsign AI Architect) enforces a set of mechanisms and policies ensuring that every interaction between participating resources is authenticated, authorized, encrypted, and governed by the context provided. Each resource is assigned its own unique cryptographic identity, together with the permissions and policies that control what that identity may do.
The encryption keys are non-custodial: they belong only to the developer and never sit on Atsign’s relay servers, so they cannot be stolen from there. Even if an Atsign server were compromised, it would likely hold only ciphertext, never plaintext or credentials.
These measures make every resource used in app development invisible to attackers: no ports are left open, no APIs are exposed publicly, and there is nothing for an attacker to scan. Apps coded by agents under AI Architect inherit Atsign’s notion of security through invisibility.
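To make the relay-and-identity design described above concrete, here is an added example in Go. It is not Atsign’s code and does not reproduce the AAIA protocol; it shows the general pattern the paragraphs describe: every resource holds its own non-custodial key pair, the relay stores only routing labels and ciphertext, and the recipient applies a policy before it decrypts. Everything in it is an assumption for illustration: X25519 key pairs stand in for the cryptographic identities, an in-memory map stands in for the relay, the identity names, messages and the bit-flip tampering are constructed samples, and hashing the ECDH secret with SHA-256 is a shortcut for a proper KDF.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Identity is one resource (person, agent, build server) with its own non-custodial X25519 key pair; the private key never reaches the relay.
type Identity struct {
	Name string
	priv *ecdh.PrivateKey
}

func NewIdentity(name string) *Identity {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // only fails if the system RNG is broken
	}
	return &Identity{Name: name, priv: priv}
}

// Envelope is everything the relay stores: routing labels plus AEAD ciphertext.
type Envelope struct {
	From, To          string
	Nonce, Ciphertext []byte
}

type Relay struct{ store map[string][]Envelope } // holds no keys: a compromise yields ciphertext only
type Policy map[string]map[string]bool          // recipient -> sender identities allowed to reach it

// sessionKey: X25519 ECDH, then SHA-256 of the shared secret as a stand-in for a real KDF (HKDF with context labels).
func (id *Identity) sessionKey(peer *ecdh.PublicKey) cipher.AEAD {
	secret, err := id.priv.ECDH(peer)
	if err != nil {
		panic(err)
	}
	k := sha256.Sum256(secret)
	block, _ := aes.NewCipher(k[:]) // 32-byte key: cannot fail
	g, _ := cipher.NewGCM(block)
	return g
}

// Send gives the relay only an envelope; From/To are bound as associated data so the relay cannot re-route it silently.
func (id *Identity) Send(r *Relay, to string, peer *ecdh.PublicKey, plaintext []byte) {
	g := id.sessionKey(peer)
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	ct := g.Seal(nil, nonce, plaintext, []byte(id.Name+"->"+to))
	r.store[to] = append(r.store[to], Envelope{From: id.Name, To: to, Nonce: nonce, Ciphertext: ct})
}

// Receive enforces policy first, then authenticates and decrypts; unlisted senders and altered envelopes are rejected, never delivered.
func (id *Identity) Receive(r *Relay, dir map[string]*ecdh.PublicKey, pol Policy) (delivered []string, rejected int) {
	for _, e := range r.store[id.Name] {
		senderPub, known := dir[e.From]
		if !known || !pol[id.Name][e.From] {
			rejected++
			continue
		}
		pt, err := id.sessionKey(senderPub).Open(nil, e.Nonce, e.Ciphertext, []byte(e.From+"->"+e.To))
		if err != nil {
			rejected++ // GCM tag check failed: altered in transit or wrong key
			continue
		}
		delivered = append(delivered, string(pt))
	}
	return delivered, rejected
}

// RunScenario: a developer commands a deploy agent through the relay, a rogue identity tries the same, and the relay
// alters one envelope in transit. Returns what the agent accepted, whether the relay saw plaintext, and the rejected count.
func RunScenario() (delivered []string, relayLeaks bool, rejected int) {
	dev, agent, rogue := NewIdentity("developer"), NewIdentity("deploy-agent"), NewIdentity("rogue")
	dir := map[string]*ecdh.PublicKey{dev.Name: dev.priv.PublicKey(), rogue.Name: rogue.priv.PublicKey()}
	pol := Policy{agent.Name: {dev.Name: true}} // only the developer may command the agent
	relay := &Relay{store: map[string][]Envelope{}}
	secret := []byte("deploy build 42 to staging") // constructed sample messages follow
	dev.Send(relay, agent.Name, agent.priv.PublicKey(), secret)
	rogue.Send(relay, agent.Name, agent.priv.PublicKey(), []byte("deploy build 13 to prod"))
	dev.Send(relay, agent.Name, agent.priv.PublicKey(), []byte("rotate keys"))
	relay.store[agent.Name][2].Ciphertext[0] ^= 0x01 // a compromised relay flips one bit
	for _, e := range relay.store[agent.Name] { // all an attacker on the relay can read
		relayLeaks = relayLeaks || bytes.Contains(e.Ciphertext, secret)
	}
	delivered, rejected = agent.Receive(relay, dir, pol)
	return
}

func main() {
	d, leaks, rej := RunScenario()
	fmt.Printf("delivered=%q relayLeaks=%v rejected=%d\n", d, leaks, rej)
}
```

Run it with `go run`. An attacker who dumps the relay’s store gets ciphertext only; the rogue identity’s envelope is dropped by policy before any decryption is attempted, and the envelope the relay altered fails the GCM tag check. Note what this does not give you: the relay still learns who talks to whom and when, and a real deployment needs authenticated key distribution, replay protection, and a proper KDF rather than a bare hash.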
The tool helps users build a “blueprint”: a statement of what the app is for and what it must do. Major coding agents increasingly support such specification documents to reduce hallucination during code generation.
With AI Architect, the blueprint is developed inside the tool. Combined with the MCP server’s security rules and build instructions, it is used to generate and export a JSON-based prompt containing every required step and the relevant SDK references. Users paste these prompts into their coding agent of choice, and the agent builds the app. The result is context-bound, deterministic, precise prompting that leaves the coding agent little room to misread the instructions or add to them.
Developers can enjoy the speed and ease of agent coding, and CISOs can release apps to the world with greater confidence.
The design concept behind AI Architect is sound. The aim is AI-generated apps that look like polished steel balls: the ball is not invisible to an adversary, but it is hard to find a structural flaw that would let the adversary penetrate it. Even if an attacker did get inside the app, there would be nothing to exploit, because every credential is hidden under an encrypted cloak of invisibility. This is security by design, and what the design protects stays completely invisible.
related: The Credential Crisis: How Stolen Credentials Break Modern Security
related: The West of Agentic AI – The attack surface that CISOs can’t ignore
related: Venom Stealer ups the ante with continuous credential collection
related: OWASP Incubator project helps developers find and fix vulnerable dependencies in seconds
