Working notes from shipping agent systems into regulated environments. https://althor.dev/writing/ 2026-04-29T00:00:00Z Samuel Swegart contact@althor.dev https://althor.dev/ © 2026 Samuel Swegart https://althor.dev/writing/mcp-copilot-studio/ 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z Samuel Swegart https://althor.dev/

Five architecture decisions the Copilot Studio MCP onboarding wizard quietly assumes you've already made — identity, DLP zone, generative orchestration, Streamable transport, tenant scoping.

https://althor.dev/writing/mcp-server-boundaries/ 2026-04-21T00:00:00Z 2026-04-28T00:00:00Z Samuel Swegart https://althor.dev/

Six rules that keep MCP tool surfaces narrow enough to defend without making them too narrow to use.

https://althor.dev/writing/agent-security-review/ 2026-04-21T00:00:00Z 2026-04-28T00:00:00Z Samuel Swegart https://althor.dev/

A five-layer architecture for shipping agent systems into regulated environments — identity, credential broker, scoped tools, policy gating, audit.