A2A and MCP Agent Security: Identity, Delegation, and Audit Trails
Protocol security is who may act, not the model.
Prompt injection gets most of the security attention in LLM systems, and it deserves attention, but it is not the whole problem once agents start calling tools and delegating work to other agents.