Cisco’s Agent Runtime SDK embeds policy enforcement into AI agent workflows at build time and integrates with AWS Bedrock AgentCore, Google Vertex Agent Builder, Azure AI Foundry, and LangChain. However, CVE-2026-25253 in OpenClaw showed that attackers can bypass the model entirely by compromising the policy engine and rewriting live controls, proving runtime defense is still essential. #Cisco #OpenClaw #CVE-2026-25253 #AWSBedrockAgentCore #GoogleVertexAgentBuilder #AzureAIFoundry #LangChain
Keypoints
- Cisco’s Agent Runtime SDK enforces policies at build time inside agent code.
- The SDK supports AWS Bedrock AgentCore, Google Vertex Agent Builder, Azure AI Foundry, and LangChain.
- Build-time enforcement helps reduce weak scoping and standing credentials before deployment.
- CVE-2026-25253 in OpenClaw enabled one-click RCE by stealing a token through the Control UI.
- The attack bypassed the LLM and rewrote live policy settings, showing runtime protection is still needed.
Read More: https://www.toxsec.com/p/ciscos-agent-runtime-sdk-bakes-security