Agents are the New API Client
Exploring the rise of API software for agents, the risk of prompt injection attacks, and why AI governance is more important than ever.
Welcome to AI Confidential, your biweekly breakdown of the most interesting developments in confidential AI.
Today we’re exploring:
The rise of software made specifically for AI agents
The development of the first-ever privacy-enhanced smartphone
Trending open source projects you should know about
Also mentioned in this issue: Marco Palladino, Chester Leung, Nelly Porter, Mark Russinovich, Jason Clinton, Theresa Tung, Daniel Rohrer, João Moura, Atin Sanyal, Aaron Fulkerson, Brian Singer, Kong, Unite.AI, IBM, Unplugged, OpenAI, Qwen-Image, MetaStone AI, and Brilliant Labs.
Let’s dive in!
The way we build software is becoming less human-centric. Should we be concerned, or excited?
In this week’s episode of The AI Confidential Podcast, we dive deep into one of the biggest shifts in modern tech: the rise of AI agents as the primary users of software.
Sitting down with Marco Palladino, Co-Founder and CTO of Kong, we listened as he broke down how this shift started—and how it’s changing the way teams build, secure, and ship code.
For decades, developers created software for people.
But now, it’s AI agents making the requests, pulling the data, and making decisions on their own, turning the API development world on its head.
Marco explained it like this:
Soon, agents will be able to scan your calendar, notice you have a trip coming up, and book a hotel reservation within your price range—all without you having to lift a finger.
This kind of automation unlocks real productivity, but it also introduces new risks, Marco warns.
AI isn’t good at admitting what it doesn’t know, meaning chatbots regularly generate incorrect answers and present them as the truth.
In closed systems, this isn’t a big deal.
But when we’re talking about software built specifically for AI agents, there are many potential pitfalls: prompt injection attacks, hallucinations, limited visibility and oversight, and data leaks.
Also in the episode, we chat with Marco about other API and AI-related topics, including:
Why AI governance is becoming such a big challenge
Why confidential AI matters more than ever
How enterprises can prepare for agentic workflows
We had a blast chatting tech with Marco. Tune in to hear the full conversation, and don’t forget to subscribe so you never miss an episode!

Keeping it Confidential
How many API endpoints does the average enterprise have?
57
383
613
805
See the answer at the bottom.
Code for Thought
Important AI news in <2 minutes
🏢 20% of enterprises faced a security breach because of “shadow AI,” adding $670,000 to their financial damages, IBM’s latest report found.
⚠️ 22 frontier AI agents were hit with more than 1.8 million prompt injection attacks during a recent red teaming competition, with 60,000 of those attacks resulting in sensitive data leaks.
💣 AI agents can be weaponized to plan and carry out realistic cyberattacks with little human direction, a Carnegie Mellon study found, signaling the beginning of autonomous AI threat actors.
📱 Unplugged relaunched UP Phone, a smartphone designed to keep user data within the device as a privacy-enhanced alternative to iPhones and Androids.
🔒 OpenAI revoked an experimental feature that let ChatGPT users make their conversations findable on search engines, citing privacy and security concerns.
Community Roundup
Updates involving OPAQUE and our partners
🎥 Couldn’t make it to the 2025 Confidential Computing Summit™, or want to rewatch some of your favorite sessions? We’ve got you!
All 70+ panels and workshops are now available on demand, including talks from industry leaders like:
Nelly Porter from Google
Mark Russinovich from Microsoft Azure
Jason Clinton from Anthropic
Theresa Tung from Accenture
Daniel Rohrer from NVIDIA
João Moura from CrewAI
Atin Sanyal from Galileo
Aaron Fulkerson from OPAQUE
And so many more!
Explore every keynote, panel, and workshop from the summit by checking out our VOD library now.

OPAQUE in the wild
OPAQUE’s own Chester Leung is the latest interviewee with Unite.AI, and we couldn’t be prouder.
As a part of their interview series, Chester sat down to talk about his past, present, and future, including:
✔️ His time in the UC Berkeley RISELab
✔️ Why he co-founded OPAQUE
✔️ What he’s learned about balancing AI adoption and security guarantees
✔️ Why he thinks secure-by-design is the future of AI
Give the full interview a read to learn more!

Open source spotlight
🖼️ Alibaba unveiled Qwen-Image, a text-to-image model that outperforms existing models in text rendering, image editing, and bilingual support.
🧠 OpenAI dropped its first open-source reasoning models, gpt-oss-20b and gpt-oss-120b, which help designers, researchers, and companies fine-tune specific tasks.
🧮 MetaStone AI launched XBai-o4, an open-source reasoning model that surpasses Anthropic’s Claude 4 Opus model on math, coding, and reasoning benchmarks.
👓 Brilliant Labs launched open-source Halo AI glasses, made with a built-in AI agent that can build custom apps through voice commands, converse with wearers, and store memories.
Quotable
💡 “Right now, only big companies can afford to run professional tests on their networks via expensive human red teams, and they might only do that once or twice a year. In the future, AI could run those tests constantly, catching problems before real attackers do. That could level the playing field for smaller organizations.”
Trivia answer: 613
According to an IBM report, the average enterprise has over 613 API endpoints. And while these APIs help advance workflows and accelerate development, they are also vulnerable portals for cyberattacks. Talk about a catch-22.
Stay confidential!
- Your friends at OPAQUE