Announcements, product releases, and media coverage from ThirdKey. For interviews, briefings, or background on our work in zero-trust AI agent infrastructure, reach the press desk directly — we typically respond within one business day.
Product launches, specification publications, and milestones. Older items are archived but stay reachable by DOI.
3,760-trial comparative evaluation across seven hosted LLMs and three substrates: Symbiont records 0 successful exploits out of 560 trials on pure-action vectors. Docker sandboxing fails to stop 88% of filesystem-enumeration, 89% of network-boundary, and 84% of state-mutation attacks. Orchestrator-injection cut from 59% to 3.6% (1.5% excluding GPT-5). Companion preprint DOI 10.5281/zenodo.20043247.
A specification for .clad.toml declarative tool contracts — typed parameters, validation, invocation, output parsing, and Cedar policy across CLI, sessions, and governed browser execution. Replaces freeform shell generation with allow-list-validated tool invocation. DOI 10.5281/zenodo.19957595.
A compile-time approach to enforcing policy gates in AI agent loops via typestate encoding. Evaluated across nine hosted LLM providers — 263 forbidden tool-call attempts refused without execution at 30–95µs per check. DOI 10.5281/zenodo.19746723.
A system specification for zero-trust AI agent execution — declarative tool contracts, the Observe-Reason-Gate-Act loop, and structural separation of policy from model influence across five architectural layers. DOI 10.5281/zenodo.19636533.
For interviews, embargoed briefings, or technical background, email the press desk. Founder Jascha Wanger is available for comment on AI agent safety, policy-governed runtime, and supply-chain integrity.
We respond to journalists, analysts, and conference organizers within one business day. For sales or technical questions, please use sales@thirdkey.ai instead.
press@thirdkey.ai →ThirdKey is an AI safety and security company building open, interoperable trust infrastructure for autonomous AI agents — cryptographic identity, schema verification, declarative tool contracts, and a policy-governed runtime. The company ships four open-source primitives (Symbiont, SchemaPin, AgentPin, ToolClad) and a commercial enterprise tier of its agent runtime for security teams running agents in production.
A guarantee that can’t be written down isn’t one.