Palo Alto Unit 42 Just Said It: Agentic Identity Is a Difficult Problem. OAuth2 Has Blind Spots.

Source: DEV Community
Palo Alto Networks Unit 42 published their AI agent security tradeoffs analysis today. Strata published their agentic AI risks guide on Security Boulevard. Reco launched AI Agent Security for SaaS sprawl. Three publications in 24 hours, all circling the same problem.

The money quote from Unit 42: "Currently, agentic identity is a difficult problem to solve. Agents generally need to be able to perform actions using the user's permissions. OAuth2 is a secure standard for the delegation of permissions, but it has blind spots."

This is Palo Alto Networks — not a startup positioning deck, not a VC thesis. Their threat research team is telling enterprises that the identity problem for agents is unsolved and that the standard they rely on (OAuth2) cannot cover the full surface.

What Unit 42 Actually Found

Their analysis identifies two attack pathways:

1. Open source ecosystem attacks. Model file attacks (malicious code hidden in model weights on trusted repos) and MCP rug pulls (compromised M