TL;DR: The Linux Foundation’s new Agentic AI Foundation brings MCP, goose, and AGENTS.md under open governance at a moment when more than 10,000 MCP servers and 60,000+ AGENTS.md projects are already shaping agentic development, according to WorkOS. Open governance lowers fragmentation risk, but it also makes authentication, authorisation, and auditability a core identity problem, not just a developer convenience.
NHIMG editorial — based on content published by WorkOS: The Linux Foundation Launches the Agentic AI Foundation and what it means for MCP
Questions worth separating out
Q: How should security teams govern AI agents that use MCP to reach tools and data?
A: Security teams should govern MCP-connected agents as privileged non-human identities with explicit ownership, scoped permissions, and complete telemetry.
Q: Why does open governance change the risk profile for agentic AI infrastructure?
A: Open governance reduces single-vendor dependency, but it also removes the false comfort that a proprietary platform will solve identity, authorisation, or audit problems for you.
Q: What breaks when agent frameworks and instruction files are not lifecycle-governed?
A: Accountability breaks: without lifecycle governance there is no named owner, no defined permission scope, and no reliable telemetry for the agent framework or instruction file that drove an action.
Practitioner guidance
- Inventory every agent-to-tool path: build a register of all MCP servers, agent frameworks, and project-level instruction files that can influence production systems.
- Assign named identities to agentic workloads: do not let shared API keys or unnamed integrations stand in for agent identity.
- Standardise audit evidence across tools: require logs that preserve agent actions, tool calls, and policy decisions across systems rather than inside isolated products.
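Added example (not WorkOS's code, nor anything from the MCP project): a small Python policy check that applies the three steps above to MCP `tools/call` requests, flagging calls from unregistered or unnamed agents and out-of-scope tools, and emitting one audit record per call. The agent register, the gateway event wrapper carrying `agent` and `server`, and the sample events are constructed assumptions; only the inner JSON-RPC `tools/call` shape follows MCP.

```python
# Hypothetical register of agentic workloads: one named identity per agent
# (never a shared API key), an accountable owner, and the MCP servers and
# tools in scope. All names here are constructed for the example.
AGENT_REGISTER = {
    "agent:invoice-triage": {"owner": "finance-platform", "allowed": {"erp-mcp": {"get_invoice", "list_invoices"}}},
    "agent:sre-runbook": {"owner": "sre-team", "allowed": {"k8s-mcp": {"get_pod_logs"}}},
}

def evaluate(event):
    """Policy decision for one MCP request as a gateway would see it. The wrapper
    keys (agent, server) are assumed; the inner request is MCP's tools/call shape."""
    agent = event.get("agent") or "<unnamed>"      # missing identity is itself a finding
    server, req = event["server"], event["request"]
    tool = req.get("params", {}).get("name", "<none>")
    if req.get("method") != "tools/call":
        return {"agent": agent, "server": server, "tool": tool,
                "allowed": True, "reason": "not a tool call"}
    entry = AGENT_REGISTER.get(agent)
    if entry is None:
        ok, reason = False, "agent not in register"
    elif tool not in entry["allowed"].get(server, set()):
        ok, reason = False, "tool not in scope"
    else:
        ok, reason = True, "in scope"
    return {"agent": agent, "server": server, "tool": tool,
            "allowed": ok, "reason": reason}

def audit(events):
    """One record per event that keeps agent, tool call and policy decision together."""
    records = []
    for ev in events:
        rec = evaluate(ev)
        rec["request_id"] = ev["request"].get("id")
        rec["owner"] = AGENT_REGISTER.get(rec["agent"], {}).get("owner")
        records.append(rec)
    return records

# Constructed sample traffic: an in-scope call, an out-of-scope call, and a
# call that arrives with no named agent identity (e.g. a shared key).
SAMPLE_EVENTS = [
    {"agent": "agent:invoice-triage", "server": "erp-mcp", "request": {"jsonrpc": "2.0", "id": 1,
     "method": "tools/call", "params": {"name": "get_invoice", "arguments": {"id": "INV-42"}}}},
    {"agent": "agent:invoice-triage", "server": "erp-mcp", "request": {"jsonrpc": "2.0", "id": 2,
     "method": "tools/call", "params": {"name": "approve_payment", "arguments": {"id": "INV-42"}}}},
    {"agent": None, "server": "k8s-mcp", "request": {"jsonrpc": "2.0", "id": 3,
     "method": "tools/call", "params": {"name": "get_pod_logs", "arguments": {"pod": "api-0"}}}},
]
```

Calling `audit(SAMPLE_EVENTS)` yields three records whose `owner` field ties each decision back to the register, which is the evidence an auditor needs across tools.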
What's in the full analysis
WorkOS's full research covers the operational detail this post intentionally leaves for the source:
- The announcement context and membership roster that show how the foundation is being positioned across the ecosystem.
- WorkOS's explanation of how MCP, goose, and AGENTS.md fit together in developer workflows.
- The article's discussion of enterprise confidence, regulated industry concerns, and why neutral governance matters for adoption.
- The security implications WorkOS highlights for authentication, authorisation, and audit trails as agent infrastructure matures.
👉 Read WorkOS's analysis of the Agentic AI Foundation and MCP governance →
Agentic AI Foundation and MCP: what it means for IAM teams
Explore further
Open agent standards are becoming identity infrastructure, not just developer convenience. Once MCP is used as the default way for agents to reach tools and data, it effectively becomes part of the access layer. That means security teams have to govern agent identities, permissions, and telemetry with the same seriousness they apply to service accounts and privileged workloads. The implication is that agentic infrastructure should be treated as a first-class identity domain.
A few things that frame the scale:
- 98% of companies plan to deploy even more AI agents within the next 12 months, despite documented rogue behaviour in 80% of current deployments, according to the AI Agents: The New Attack Surface report.
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
A question worth separating out:
Q: Which frameworks should teams use to align agentic AI governance and access controls?
A: Teams should anchor agentic governance in the OWASP Agentic AI Top 10, NIST AI Risk Management Framework, and zero trust principles. Those references help translate agent behaviour into controls for identity, authorisation, logging, and review, which is the minimum needed when AI can select tools and execute actions across systems.
👉 Read our full editorial: MCP finds its permanent home in open agentic AI governance