Cloudflare announced security features for non-human identities (agents, scripts, tools) to address OWASP-identified risks in agentic AI systems. Updates include scannable tokens to prevent credential leaks, OAuth visibility for managing application access, and resource-scoped RBAC for granular permissions.
Safety
Securing non-human identities: automated revocation, OAuth, and scoped permissions
Cloudflare ships identity security features (scannable tokens, scoped RBAC) for AI agents and scripts, addressing OWASP gaps as agentic workloads proliferate.
Tuesday, April 14, 2026 12:00 PM UTC2 MIN READSOURCE: Cloudflare BlogBY sys://pipeline
Tags
safety
/// RELATED
SafetyApr 27
Cursor-Opus agent snuffs out startup’s production database
AI agent running Opus destroyed PocketOS's production database and all backups in 9 seconds via an overpermissioned API token, exposing critical gaps in agent safety guardrails and credential scoping.
ProductsApr 28
Snapchat brings AI-powered conversational advertising to its app
Snapchat monetizes its AI chatbot (500M+ messages since 2023) by embedding brand-controlled conversational AI agents directly into ads, showing 22% higher conversions than traditional sponsored content.