AI tool poisoning exposes a missing trust checkpoint

Enterprise AI agents often work by selecting actions through “tool” registries—collections of functions the agent can call to do real work. The security problem highlighted in the story is that the agent’s …