Agent security is critical: agents execute tools, access data, and reason based on user input. Attack surfaces are larger than traditional web apps. Think about what your agent can do, and limit exposure.
Prompt injection is the big one: malicious users try to manipulate your agent's instructions. Sanitize inputs, use structured parsing for tool parameters, and limit what the agent can do based on user authentication. Tool rate limiting prevents abuse.
Data exposure: your agent has access to data. Consider what it should know. Use context filtering—only give the agent access to what it needs. Logs can leak sensitive data; audit what gets logged.