We start with threat modelling: we establish what the AI agent can do, what data it can access, which tools it calls, which decisions it supports, and which misuse scenarios are realistic in the given environment.
We then run technical testing: prompt injection, indirect prompt injection (payloads delivered through retrieved documents, web pages or tool output rather than typed by the user), data exfiltration, jailbreaking, retrieval poisoning, MCP (Model Context Protocol) security, and scenarios aligned with the OWASP Top 10 for LLM Applications. We also review the AI Trust Layer configuration, usage logging, permissions and escalation paths.
The final report covers risk descriptions, prioritisation, remediation recommendations, an action plan and the scope of retesting. For production deployments we recommend making a passed AI Security Review one of the conditions for launching the solution.