TL;DR: AI agents are already interacting, transacting, and making trust decisions without a reliable identity layer, and a misconfigured database exposing 1.5 million API keys showed how quickly that gap can become an accountability problem, according to Incode. The current model assumes agents can borrow human identity patterns, but autonomy breaks that assumption.
NHIMG editorial — based on content published by Incode: What Moltbook Reveals About the Agent Economy, the Missing Identity Layer
By the numbers:
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%).
Questions worth separating out
Q: How should security teams govern AI agents that act without direct human oversight?
A: Security teams should govern AI agents as identities with defined ownership, verification, and recovery requirements, not as simple application components.
Q: Why do API keys and OAuth tokens fail as identity proof for AI agents?
A: API keys and OAuth tokens prove access possession, not legitimate agency.
Q: What breaks when agent identity is only verified through credentials?
A: What breaks is accountability.
Practitioner guidance
- Map every agent to a verified owner anchor Replace loose ownership based on email addresses, OAuth tokens, or API keys with a durable linkage to a human or organisational identity anchor.
- Separate credential proof from identity proof Treat possession of a token or key as insufficient evidence of legitimate agency.
- Build agent recovery around forensic continuity When an agent is compromised, preserve the audit trail, ownership chain, and action history before reissuing credentials.
What's in the full article
Incode's full article covers the operational detail this post intentionally leaves for the source:
- The article expands on cryptographic binding concepts for agent-to-owner relationships and how they differ from simple credential possession.
- It includes concrete questions teams should ask when building agent-to-agent verification into platform design.
- It discusses the regulatory and liability implications for financial services, healthcare, and regulated workflows.
- It outlines Incode's own identity verification framing for autonomous systems and the rationale behind it.
👉 Read Incode's analysis of what Moltbook reveals about the agent economy →
AI agent identity and accountability: what teams are missing?
Explore further
Agent identity binding is the missing control plane for the agent economy. The article shows that email addresses, OAuth tokens, and API keys are being used as if they were durable identity anchors, but they only prove possession. That is insufficient when agents can act independently and be cloned or impersonated at machine speed. The implication is that ownership, verification, and recovery all need a cryptographic identity layer, not a borrowed human workflow.
A few things that frame the scale:
- Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to AI Agents: The New Attack Surface report.
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to AI Agents: The New Attack Surface report.
A question worth separating out:
Q: Who is accountable when an AI agent makes an unauthorised action?
A: Accountability should follow the verified owner of the agent, the organisation that authorised its use, and the governance process that allowed the action path. If those links are missing, the organisation has an identity governance failure, not just an application security issue.
👉 Read our full editorial: AI agent identity is missing the trust layer the agent economy needs