we are building data breach machines and nobody cares


AI agents are fundamentally just loops making LLM API calls, but the industry is racing ahead without adequate security standards. The post argues that the fragmentation across frameworks (LangGraph, CrewAI, AutoGen) and inconsistent LLM APIs (OpenAI, Anthropic, Google) makes it impossible to build reliable, secure agentic systems. Key security risks include agents with unchecked access to sensitive data, prompt injection vulnerabilities, and non-deterministic behavior that can't be reliably debugged or reproduced. The author dismisses industry platitudes about 'security by design' and 'AI-enabled defenses,' arguing instead for proven tools: anomaly-detection models, circuit breakers, IAM with short-lived credentials, and behavioral monitoring of agentic workloads. The core thesis is that since LLMs are inherently untrustworthy and standards won't arrive in time, security must govern the data layer and actions taken, not the agent itself.
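As an added illustration of the post's closing point (govern the actions an agent takes, not the agent itself), the following is example code written for this summary, not code from the idealloc.me post: a constructed Python gate that sits between an agent loop and its tools, checks each tool call against a per-action data-class allowlist, rejects calls made with an expired short-lived credential, and trips a circuit breaker after repeated denials. The policy table, class names and sample call sequence are all assumptions.

```python
from dataclasses import dataclass, field
import time

# Constructed policy: which tool an agent may call, and on which data classes.
ALLOWED_ACTIONS = {"search_docs": {"public", "internal"}, "send_email": {"public"}}

@dataclass
class Credential:
    principal: str
    expires_at: float  # epoch seconds; short-lived (minutes), issued by IAM, not the agent

@dataclass
class ActionGate:
    max_denials: int = 3      # breaker trips after this many denials inside window_s
    window_s: float = 60.0
    denials: list = field(default_factory=list)
    tripped: bool = False

    def check(self, cred, action, data_class, now=None):
        """Return (allowed, reason). Every decision is made here, outside the LLM."""
        now = time.time() if now is None else now
        if self.tripped:
            return (False, "circuit open")
        if now >= cred.expires_at:
            return self._deny("credential expired", now)
        permitted = ALLOWED_ACTIONS.get(action)
        if permitted is None:
            return self._deny(f"unknown action {action}", now)
        if data_class not in permitted:
            return self._deny(f"{action} not permitted on {data_class} data", now)
        return (True, "ok")

    def _deny(self, reason, now):
        # Sliding-window count of denials; a burst of them is the behavioural signal.
        self.denials = [t for t in self.denials if now - t < self.window_s]
        self.denials.append(now)
        if len(self.denials) >= self.max_denials:
            self.tripped = True  # stays open until an operator resets it
        return (False, reason)

def run_demo():
    """Constructed tool-call sequence from a (hypothetical) prompt-injected agent."""
    cred = Credential("agent-7", expires_at=1000.0 + 300)  # 5-minute credential
    gate = ActionGate(max_denials=3, window_s=60.0)
    calls = [
        ("search_docs", "internal", 1000.0),    # legitimate
        ("send_email", "internal", 1001.0),     # exfiltration-shaped: denied
        ("send_email", "confidential", 1002.0), # denied
        ("drop_table", "internal", 1003.0),     # unknown tool: denied, breaker trips
        ("search_docs", "public", 1004.0),      # would be fine, but circuit is open
    ]
    return [gate.check(cred, a, d, now=t) for a, d, t in calls]
```

The denial log is what a behavioural monitor or anomaly model would consume; the breaker is the cheap, deterministic backstop the post favours over trusting the model.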

16 min read. From idealloc.me
Table of contents
- Know your enemy
- The real problem: industry fragmentation
- On this episode of Brian Krebs' Security Nightmares
- What do we do?
