AI Policy Desk · Tag

ai-security

Posts tagged “ai-security” — practical AI governance guides, templates, and checklists for small teams.

AI Developer Tool Vendor Security — 10 Questions to Ask

Apr 1, 2026 · 11 min read · Governance

Choosing an AI developer tool without vendor security questions invites supply-chain surprises. Use these ten prompts — build hygiene, disclosure culture, telemetry, SBOM — before you standardise an AI developer tool across your team.
When Your AI Vendor Has a Security Incident

Apr 1, 2026 · 12 min read · Governance

An AI vendor security incident on a tool you depend on is still your governance problem. This practical guide helps small teams assess scope, rotate credentials, update threat models, and document decisions — without waiting for confirmed harm.
Hidden AI Features and the Governance Gap They Create

Apr 1, 2026 · 11 min read · Governance

Hidden AI features often ship behind feature flags — without clear notice. Here is what that means for policy, vendor contracts, and small-team governance, and how to close the documentation gap.
What the Claude Code Source Leak Reveals About AI Tool Governance

Mar 31, 2026 · 7 min read · Governance

Anthropic's Claude Code source code was accidentally exposed via a .map file in their npm registry. Here's what the leak reveals and what small teams should learn about AI vendor security and governance.

AI Developer Tool Vendor Security — 10 Questions to Ask