Prevent agentic identity theft

1Password CTO Nancy Wang discusses the critical security risks posed by local AI agents and the urgent need for robust identity management and sandboxing in software development.

Key points

  • Local AI agents, such as Open Claude, present significant security risks by accessing sensitive local files, terminals, and browser data.
  • 1Password is developing agent security platforms that utilize runtime signals and user behavior to broker access rather than granting long-lived credentials.
  • The company emphasizes a zero-knowledge architecture and confidential computing enclaves to protect credentials from unauthorized agent access.
  • Security experts recommend isolating agent runtime environments and restricting access to specific file paths to minimize the potential blast radius of malicious skills.
  • The industry is shifting toward verifiable digital credentials and workload identity protocols to maintain accountability for ephemeral AI agents.

Why it matters

As AI agents gain the ability to autonomously execute tasks on local devices, they create new vulnerabilities that traditional security tools are not yet equipped to handle. Establishing secure identity and access controls is essential for enterprises to adopt these productivity-boosting tools without compromising sensitive data.

Stackoverflow.blog Published by Phoebe Sajor