I reread this every couple of years. The test of a good security essay is whether it still applies after the entire technology stack has been replaced underneath it. This one passes every time. "Default Permit" is now the default posture of every AI agent with tool access