ZeroID is a new open-source identity and credentialing platform designed specifically to address the attribution challenges in agentic workflows. It provides a verifiable delegation chain using RFC 8693 token exchange, ensuring that when orchestrator agents spawn sub-agents, every action remains traceable back to the original authorizing principal while maintaining strict permission boundaries.
Key features and details:
- Implements verifiable delegation chains for multi-agent systems
- Supports real-time revocation via OpenID Shared Signals Framework (SSF) and CAEP
- Offers SDKs for Python, TypeScript, and Rust
- Integrates with frameworks like LangGraph, CrewAI, and Strands
- Provides a containerized deployment model backed by PostgreSQL
Key features and details:
- Implements verifiable delegation chains for multi-agent systems
- Supports real-time revocation via OpenID Shared Signals Framework (SSF) and CAEP
- Offers SDKs for Python, TypeScript, and Rust
- Integrates with frameworks like LangGraph, CrewAI, and Strands
- Provides a containerized deployment model backed by PostgreSQL
This article examines the development of Microsoft’s Azure SRE Agent, designed to mitigate operational toil in mission-critical environments. By utilizing an "agentic workflow" of specialized AI agents, Microsoft has integrated automation across the entire software development lifecycle. This human-AI partnership has autonomously resolved over 35,000 incidents and saved more than 50,000 developer hours, accelerating root cause analysis and mitigation while maintaining rigorous governance and human oversight.
This article explains how to implement function calling with Google’s Gemma 3 27B model. It covers the concept of function calling, the step‑by‑step workflow, and provides a practical example using a Python `convert` function to turn $200,000 into EUR. The post walks through prompting Gemma, parsing its `tool_code` output, executing the function with `eval`, and returning a friendly final response. It also demonstrates how to set up the Google‑GenAI SDK, create a chat session, and extract tool calls. The discussion highlights Gemma’s multilingual, multimodal, and agentic capabilities, making it suitable for real‑world AI assistants that need to interact with external APIs and tools.
GitHub Agentic Workflows are built with isolation, constrained outputs, and comprehensive logging. Learn how our threat model and security architecture help teams run agents safely in GitHub Actions.
This post explains how we built Agentic Workflows with security in mind from day one, starting with the threat model and the security architecture that it needs. It details the defense in depth approach using substrate, configuration, and planning layers, emphasizing zero-secret agents through isolation and careful exposure of host resources. It also highlights the staging and vetting of all writes using safe outputs, and comprehensive logging for observability and future information-flow controls.
This post explains how we built Agentic Workflows with security in mind from day one, starting with the threat model and the security architecture that it needs. It details the defense in depth approach using substrate, configuration, and planning layers, emphasizing zero-secret agents through isolation and careful exposure of host resources. It also highlights the staging and vetting of all writes using safe outputs, and comprehensive logging for observability and future information-flow controls.
Agentic workflows are rapidly accelerating the volume of pull requests, and validation is quickly becoming the most critical bottleneck. Teams using service meshes like Istio are well-positioned to solve it in ephemeral environments.
