⚒ ACG ⚒

ACG Continuous Security Assurance

Independent, vendor-neutral verification that AI-generated code and agent behaviour meet open security standards — continuously, not once a year.

The security of AI-assisted software cannot be established by a tool you bought or an audit you ran last quarter. AI-generated code ships with exploitable defects often enough, and autonomous agents change their own behaviour fast enough, that point-in-time checks miss what matters. The market has answered with proprietary "security fabrics" that watch your code and, quietly, bind your security posture to a single vendor's roadmap. The Guild proposes a different answer: continuous, independent human assurance that whatever tooling you already use is actually meeting the open, vendor-neutral standards the industry agrees on, verified on the cadence your AI-assisted work actually moves at.

Free Download

ACG AI Security Baseline Checklist

A practitioner-grade checklist consolidating the open security canon — OWASP Agentic Top 10, OWASP LLM Top 10, SAFE-MCP, and NIST AI Agent Standards guidance — into a single baseline you can run against your own stack. Use it as a self-assessment, or as the starting point for a continuous assurance engagement.


The Assurance Gap

Two things are now true at once, and the space between them is where risk lives.

First, the standards have matured. There is now a credible, open, vendor-neutral canon for what "secure AI-assisted development" means: the OWASP Top 10 for Agentic Applications, the OWASP Top 10 for LLM Applications, the SAFE-MCP baseline adopted by the Linux Foundation, and NIST's AI Agent Standards Initiative. These are developed and reviewed in the open, owned by no company, and freely available.

Second, the enforcement tooling has proliferated — some commercial, some open-source and free. Capable instruments now exist to watch code, models, and agents in real time.

What is missing is the layer between them: impartial human judgment that connects the standards to your specific stack. Which standards actually apply to your architecture? Are your tools configured to enforce them, or producing reassuring dashboards that verify nothing? Does your agent setup pass the OWASP Agentic Top 10 in practice, not just on a slide? A vendor cannot answer these questions about a stack that includes its competitors. An internal team rarely has the specialised, current knowledge. And a one-off audit answers them for a single day, then expires.

That gap is the entire offering the Guild plans to provide. The Guild sells no security tooling, no fabric, no platform, which is precisely what will let it judge yours honestly.

The Guild's Neutrality Is the Product

Guild Position

Every commercial security vendor eventually has to admit, in writing, "the standards are vendor-neutral; we are not." The Guild never has to. We have no platform to sell you, no lock-in to protect, and no incentive except the accuracy of our assessment. Independence is not a feature of this service. It is the service.

What We Plan To Assure Against

The Guild does not plan to invent a competing standard; the last thing this field needs is another proprietary taxonomy. We plan to assemble the open, community-reviewed canon into a single practitioner-grade baseline and verify your posture against it.

OWASP Top 10 for Agentic Applications (2026)

Goal hijacking, tool misuse, identity & privilege abuse, memory poisoning, cascading failures, rogue agents.

OWASP Top 10 for LLM Applications

Prompt injection, improper output handling, data and model poisoning, and supply-chain exposure.

SAFE-MCP Baseline

Protocol-level risks for Model Context Protocol systems: model misbinding, context spoofing, tool-chain integrity.

NIST AI Agent Standards Initiative

Emerging guidance on agent identity, behaviour, and security.

Applicable Regulatory Obligations

Where relevant, the EU AI Act's high-risk obligations and comparable regimes, mapped to your actual exposure.

The canon evolves. Part of the value of a continuous relationship is that your baseline moves with it — you should be assured against what the standards say today, not what they said when you last ran a check.

How We Envision The Assurance Practice

Step 1

Baseline Establishment

We begin by mapping your actual AI-assisted development surface: where AI generates code, which agents run, what tools they can invoke, what they can touch in production. From that map we determine which standards genuinely apply — and which do not — and document a baseline specific to your system rather than a generic checklist. You leave this stage knowing exactly what "secure" means for your architecture.

Step 2

Tool-Agnostic Posture Verification

We assess whatever you already use, whether a commercial platform, open-source governance toolkits, OWASP's own open instruments, homegrown scripts, or nothing yet, and verify whether the resulting posture actually meets the baseline. The question is never "do you own the right product." It is "is your real configuration enforcing the standard, or is it security theatre?" Where there are gaps, we tell you plainly, and we recommend remediation without steering you toward any vendor.

Step 3

Continuous Review, Cadenced to Your Work

Point-in-time audits expire the moment the next AI-assisted sprint ships. The Guild's review recurs on the cadence your work actually moves at — re-examining the things that change fastest and carry the most risk: agent permissions, new tool integrations, dependency additions, prompt and system-message changes, and shifts in what agents are allowed to do autonomously. This is not software embedded in your pipeline. It is independent expert scrutiny that returns often enough to matter.

Step 4

Agent Behaviour & Architecture Review

The hardest risks in agentic systems are semantic and behavioural, not structural — an agent chaining tools in an unintended sequence, escalating its own privileges, or acting on poisoned context. These are exactly the flaws classic static analysis misses. We review agent architecture and observed behaviour against the Agentic Top 10, looking for the failure modes that only appear once an agent is making decisions over time.
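The behavioural failure modes named in this step can be made concrete. The Python below is an added illustration, not Guild tooling and not anything the baseline checklist prescribes: it replays a constructed agent trace against a declared permission manifest and flags the patterns a reviewer looks for here (a tool invoked outside the declared set, a tool chained in a sequence the design never allowed, a privileged action taken on untrusted context with no human checkpoint). It also covers the Step 3 concern of drift between reviews by diffing two manifests and reporting what the agent gained. The manifest and trace schemas, the tool names, and the mapping of each pattern to an Agentic Top 10 category are assumptions made for the example.

```python
"""Added illustration (not Guild tooling): replay an agent trace against a
declared manifest and flag the behavioural failure modes named in Step 4,
plus the Step 3 question of which permissions drifted since the last review.
Manifest/trace schemas and tool names are constructed for this example."""
from dataclasses import dataclass

# Constructed manifest: what the agent is declared to be allowed to do.
MANIFEST = {
    "agent": "release-bot",
    "allowed_tools": {"read_ticket", "fetch_url", "run_tests", "open_pr"},
    # Tools whose effect reaches production or changes privileges.
    "privileged_tools": {"open_pr", "merge_pr", "deploy", "grant_role"},
    # Tools that pull content the agent does not control into its context.
    "untrusted_sources": {"read_ticket", "fetch_url"},
    # Each tool may only be followed by the tools listed here.
    "allowed_chains": {
        "read_ticket": {"fetch_url", "run_tests"},
        "fetch_url": {"run_tests"},
        "run_tests": {"open_pr"},
        "open_pr": set(),
    },
}

# Next review cycle: someone widened the agent's reach (Step 3 drift).
MANIFEST_NEXT = {
    **MANIFEST,
    "allowed_tools": MANIFEST["allowed_tools"] | {"merge_pr"},
    "allowed_chains": {**MANIFEST["allowed_chains"], "open_pr": {"merge_pr"}},
}

# Constructed traces: one that should worry a reviewer, one that should not.
TRACE_SUSPECT = [
    {"step": 1, "event": "tool_call", "tool": "read_ticket"},
    {"step": 2, "event": "tool_call", "tool": "fetch_url"},   # untrusted content in
    {"step": 3, "event": "tool_call", "tool": "run_tests"},
    {"step": 4, "event": "tool_call", "tool": "open_pr"},     # privileged, no human
    {"step": 5, "event": "tool_call", "tool": "grant_role"},  # undeclared, off-chain
]
TRACE_CLEAN = [
    {"step": 1, "event": "tool_call", "tool": "read_ticket"},
    {"step": 2, "event": "tool_call", "tool": "fetch_url"},
    {"step": 3, "event": "tool_call", "tool": "run_tests"},
    {"step": 4, "event": "human_approval"},                   # checkpoint first
    {"step": 5, "event": "tool_call", "tool": "open_pr"},
]


@dataclass(frozen=True)
class Finding:
    step: int
    category: str  # Agentic Top 10 item the pattern is mapped to (our mapping)
    detail: str


def review_trace(manifest: dict, trace: list) -> list:
    """Walk the trace in order; tainted = untrusted content is in context,
    approved = a human approved the next action (consumed by the next call)."""
    findings = []
    tainted = approved = False
    previous = None
    for ev in trace:
        if ev["event"] == "human_approval":
            approved = True
            continue
        step, tool = ev["step"], ev["tool"]
        if tool not in manifest["allowed_tools"]:
            findings.append(Finding(step, "identity & privilege abuse",
                                    f"{tool} is not in the declared tool set"))
        if previous is not None and tool not in manifest["allowed_chains"].get(previous, set()):
            findings.append(Finding(step, "tool misuse",
                                    f"chain {previous} -> {tool} is not an allowed sequence"))
        if tool in manifest["privileged_tools"] and tainted and not approved:
            findings.append(Finding(step, "goal hijacking / memory poisoning",
                                    f"{tool} acted on untrusted context with no human checkpoint"))
        if tool in manifest["untrusted_sources"]:
            tainted = True
        approved = False
        previous = tool
    return findings


def manifest_drift(old: dict, new: dict) -> dict:
    """What the agent gained between two baselines: the Step 3 re-review items."""
    old_priv = old["allowed_tools"] & old["privileged_tools"]
    new_priv = new["allowed_tools"] & new["privileged_tools"]
    new_chains = sorted(
        f"{a}->{b}"
        for a, succ in new["allowed_chains"].items()
        for b in succ if b not in old["allowed_chains"].get(a, set())
    )
    return {
        "new_tools": sorted(new["allowed_tools"] - old["allowed_tools"]),
        "new_privileged": sorted(new_priv - old_priv),
        "new_chains": new_chains,
    }


if __name__ == "__main__":
    for f in review_trace(MANIFEST, TRACE_SUSPECT):
        print(f"step {f.step}: {f.category}: {f.detail}")
    print("clean trace findings:", review_trace(MANIFEST, TRACE_CLEAN))
    print("drift since last review:", manifest_drift(MANIFEST, MANIFEST_NEXT))
```

Run stand-alone, the suspect trace produces four findings (one at step 4, three at step 5), the clean trace none, and the drift report shows a new privileged tool and a new chain that did not exist at the last baseline. In an engagement the inputs would be the agent's real tool manifest and its actual call logs; the point is that the manifest itself, not the vendor dashboard, is the artefact a reviewer re-reads on every cycle.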

Step 5

Independent Attestation

On request, we issue a written, independent attestation that your AI-assisted codebase and agent architecture meet the open security baseline as of the review date — suitable for due diligence, enterprise procurement, board assurance, or a funding round. Because the Guild sells no tooling, this attestation carries weight no vendor's self-certification can: it is the judgment of a party with no stake in the outcome except the accuracy of the assessment.

Guild Principle

Guild Position

Security you cannot independently verify is not security. It is a vendor's promise about its own product.

In the age of AI-generated code, the most valuable thing in the room is the party with nothing to sell but the truth.

Why Not Just Buy a Fabric?

Buy the fabric. Buy several. Capable tooling is part of a serious AI security posture, and the Guild will happily help you get more from the tools you already own. But a tool watching your code cannot tell you whether it is the right tool, configured correctly, covering the standards that apply to you, with no blind spots its own vendor has reason to overlook. Only an independent party with no product to defend can tell you that — and can keep telling you, as your system and the standards both change.

The fabric is the instrument. The Guild is the impartial hand that checks the instrument is reading true. Both have a place. Only one of them can be trusted to grade the other.

Explore More Guild Services

Audit Services

Independent, candid review of AI-assisted codebases for correctness, security, and structural integrity.

Optimization Services

Reducing waste, improving efficiency, and lowering the token cost of AI-assisted software.

Meet the Guild

The reviewers are practitioners who work with AI agents in production every day. Get to know who would be working with your codebase.
