The AI Native Dev - from Copilot today to AI Native Software Development tomorrow Cisco Principal Engineer's Fix for AI Code Security
4 snips
Feb 25, 2026 John Groetzinger, Principal Engineer at Cisco who built CodeGuard, a security skills layer for AI coding agents. He explains how CodeGuard teaches agents to write and review code securely. They discuss simplifying security guidance, packaging skills across IDEs, measuring activation and using task evals. John also covers design lessons, when to run evaluations, and why Cisco open sourced the project.
AI Snips
Chapters
Transcript
Episode notes
CodeGuard Makes Security Portable For Coding Agents
- CodeGuard is a portable security skills layer that injects simplified secure-development guidance into different AI coding agents.
- Cisco converted OWASP-style practices into lean, referenced markdown skills so agents can apply targeted checks without overwhelming context.
CodeGuard Also Targets Agent Security And Exfiltration
- CodeGuard evolved beyond static code checks to include model-control protections like MCP security and skill security to detect exfiltration and agent misbehavior.
- Addressing agent-specific risks is necessary because agents can behave differently than human authors.
Avoid Committing Skills Directly To Repos
- Don't commit every skill file into repositories; treat skills like external packages to avoid bloating repos and repeated merges.
- Instead use a single source of truth and link or pull the skill into projects where needed.