AI Tinkerers Talks & Demos (members only)
Railpath: AI Agent File Security
This talk demonstrates how Railpath secures AI agents and MCP servers by preventing unauthorized file access through path-based controls and real-time monitoring.
Railpath is a Python security library that gives granular control over file system access for AI systems, specifically agents built on Large Language Models (LLMs) and Model Context Protocol (MCP) servers. It addresses a critical weakness of LLM-driven agents: the model can be manipulated, for example by instructions injected through prompts or tool descriptions, into reading files it was never meant to touch, which can result in data exfiltration.
This class of attack was recently documented in Invariant Labs' report on MCP "tool poisoning", in which researchers showed how instructions hidden in seemingly benign tool descriptions and prompts can steer an agent past its intended access controls.
The demonstration first exposes the weakness in an unprotected agent by tricking it into reading files outside its intended scope. It then contrasts this with agents and MCP servers protected by Railpath, where the same attempts are blocked by its path-based controls and surfaced by its real-time monitoring.
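The following is an added example, not Railpath's own code or API, showing the shape of a path-based file access control for an LLM tool or MCP server: an unguarded `read_file` (the "before" case) beside a guard that resolves the requested path before deciding, so `..` traversal, symlinks that escape the allowed root and prefix confusion (`workspace2` vs `workspace`) are all refused, and every decision is appended to an audit list for monitoring. The class name `PathGuard`, the helper `demo()` and the sandbox files it creates are assumptions made for this illustration.

```python
"""Path-based file access guard for an LLM tool / MCP server.

Added illustration, not Railpath's code or API. PathGuard and demo()
are hypothetical names; the sandbox files are constructed in a temp dir.
"""
import shutil
import tempfile
from pathlib import Path


class AccessDenied(PermissionError):
    """Raised when a requested path resolves outside every allowed root."""


def unguarded_read(path: str) -> str:
    """The 'before' case: whatever path the model emits is read as-is."""
    return Path(path).read_text()


class PathGuard:
    """Allow reads only inside explicit root directories (hypothetical helper)."""

    def __init__(self, allowed_roots, audit):
        # Roots are resolved once so symlinked temp dirs compare correctly.
        self.roots = [Path(r).resolve(strict=True) for r in allowed_roots]
        self.audit = audit  # list of (decision, requested, resolved) tuples

    def check(self, requested: str) -> Path:
        # resolve() follows symlinks and collapses '..', so the decision is
        # made on the real target, not on the string the model produced.
        target = Path(requested).resolve()
        for root in self.roots:
            try:
                # relative_to works on path components, so /x/workspace2
                # is NOT considered inside /x/workspace (no prefix confusion).
                target.relative_to(root)
            except ValueError:
                continue
            self.audit.append(("allow", requested, str(target)))
            return target
        self.audit.append(("deny", requested, str(target)))
        raise AccessDenied(f"{requested} resolves outside allowed roots")

    def read(self, requested: str) -> str:
        return self.check(requested).read_text()


def demo() -> dict:
    """Build a constructed sandbox, run each attack path through the guard
    and return {case: 'allow' | 'deny'} plus whether the unguarded reader
    leaked the secret via '..' traversal."""
    base = Path(tempfile.mkdtemp())
    try:
        root = base / "workspace"
        root.mkdir()
        (root / "notes.txt").write_text("project notes")
        secret = base / "secrets.env"  # constructed sample, outside the root
        secret.write_text("API_KEY=constructed-sample")
        (root / "link").symlink_to(secret)  # symlink escaping the root
        (base / "workspace2").mkdir()  # sibling with a confusable prefix
        (base / "workspace2" / "x.txt").write_text("x")

        audit = []
        guard = PathGuard([root], audit)
        cases = {
            "inside": str(root / "notes.txt"),
            "dotdot": str(root / ".." / "secrets.env"),
            "symlink": str(root / "link"),
            "prefix": str(base / "workspace2" / "x.txt"),
        }
        results = {}
        for name, requested in cases.items():
            try:
                guard.read(requested)
                results[name] = "allow"
            except AccessDenied:
                results[name] = "deny"
        # The unprotected reader happily follows the traversal.
        results["unguarded_dotdot_leaks"] = unguarded_read(
            cases["dotdot"]
        ).startswith("API_KEY")
        results["audit_entries"] = len(audit)
        return results
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The guard decides on the resolved path rather than on the raw string, which is what defeats both `..` and symlink escapes; string-prefix checks such as `requested.startswith(root)` would let `workspace2` through and are deliberately avoided. The `audit` list stands in for whatever real-time sink a deployment uses, and a denied entry there is the signal a monitor would alert on.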