Skip to main content

Sigil Blog

Security research for AI tooling

Threat analysis, supply chain intelligence, and practical guides for developers building with AI.

Anatomy of a Supply Chain Attack on AI Agents
security

Anatomy of a Supply Chain Attack on AI Agents

Step-by-step walkthrough of a malicious MCP server that exfiltrates API keys via postinstall hooks, and how Sigil detects each attack stage.

Feb 20, 2026
Why We Built Sigil
industry

Why We Built Sigil

No tool was checking if code was malicious. Sigil quarantines packages before execution, detects behavioral threats, and shares community intelligence.

Feb 20, 2026
Best Supply Chain Security Tools for AI Code 2026
reviews

Best Supply Chain Security Tools for AI Code 2026

This guide reviews the best 2026 tools for securing AI agent code and software supply chains. It compares CVE-focused SCA with behavior-based scanners and pre-install quarantine tools, highlighting ideal combinations for modern developer workflows.

Feb 20, 2026

Subscribe to Sigil threat research

New threat analysis, detection signatures, and security research delivered to your inbox.