Zenity, a leading provider of security and governance solutions for AI agents, has unveiled runtime protection for OpenAI’s AgentKit, designed to deliver enterprise-grade safeguards against data leaks, credential exposure, and unsafe agent behavior. The new capability enforces real-time, policy-based controls to detect and block malicious or noncompliant actions before responses reach end users.
The announcement follows new research from Zenity Labs, which identified critical vulnerabilities in OpenAI’s AgentKit guardrails. These gaps—caused by techniques such as prompt injection, response obfuscation, and credential exposure—could be exploited to bypass traditional security measures. Zenity’s new runtime protection directly addresses these weaknesses by inspecting agent behavior at the endpoint, applying deterministic rules that guarantee predictable and enforceable outcomes.
OpenAI’s AgentKit allows developers to create autonomous agents using tools like Agent Builder, ChatKit, and the Connector Registry, streamlining deployment but also expanding the potential attack surface. As enterprises increasingly adopt AgentKit for internal and customer-facing workflows, ensuring robust security and compliance has become critical.
Also Read: Upwind Redefines Cloud Security with Launch of Dynamic Exposure Validation Engine
Zenity’s protection system continuously monitors interactions between users and AI agents, providing:
-
Data Leakage Detection – Blocks unauthorized sharing of sensitive or regulated data.
-
Secrets Exposure Prevention – Detects and halts embedded credentials or API keys before release.
-
Unsafe Response Blocking – Prevents outputs that violate corporate policy or compliance standards.
“AgentKit accelerates how AI agents are built and scaled, but it also expands the attack surface overnight,” said Michael Bargury, CTO and co-founder of Zenity. “Our research shows that AgentKit’s guardrails can miss critical risks—from subtle prompt injections to hidden data leakage. Zenity’s runtime protection closes that gap by inspecting every response, understanding intent, and enforcing security policies.”
With this launch, Zenity strengthens its position as a key player in AI security—helping enterprises innovate with confidence while keeping their AI ecosystems compliant and secure.