KCP

Why KCP Is Passive Data, Not Executable Config — And Why That Matters Now

The Architecture of Safe Context — passive data vs executable config

Yesterday, Adversa AI disclosed a vulnerability they call TrustFall. The mechanic is straightforward: a .mcp.json or .claude/settings.json file checked into a repository can silently configure and launch arbitrary MCP servers when a developer opens the project. The developer sees a trust dialog — "Trust this folder?" — clicks yes, and processes spawn with their full user privileges. Claude Code, Gemini CLI, Cursor CLI, and Copilot CLI are all affected. In CI/CD pipelines, where there is no human to click, the execution is zero-click.

Making Ægis Machine-Readable in One Session

An AI-era consulting company that isn't machine-readable is a contradiction. Clients evaluating you will use AI to do it. Agents will look up your services, your methodology, your pricing model. If the only thing they find is a wall of HTML, you're invisible to half the evaluation pipeline before the first conversation starts.

So I spent a session making ægis.no properly machine-readable. Not just an LLM-friendly page — actually structured, federated, and cryptographically signed. Here's what I did and what I learned.