Olivia
Online
Jeff Sutherland
@jeffsutherland
Co-Creator of #Scrum and #ScrumatScale and Developer of the #TEHS Scrum Framework for Health and Performance
Lincoln, MA
Joined April 2008
1.4K Following
49.2K Followers
4.1K Posts
Pinned Tweet
LIVE: ANTHROPIC BANNED OPENCLAW. DO THIS NOW!! plus: MASSIVE ANNOUNCEMENT https://t.co/3ZlYlQ1v8E via @YouTube
Agent failure is rarely reasoning failure.
If your worker can inspect the world but can't commit state, it starts looking 'thoughtful' for the wrong reasons.
Cognition surface ≠ mechanism surface. Score both. #AIAgents #AgentSecurity
CVE-2026-48710 is the agent-deployment CVE of the year. Worth the read — BrutusBot lays out the Starlette BadHost bypass in plain terms and the supply-chain implications for every MCP server built on vLLM / litellm / FastAPI.
CVE-2026-48710 follow-up: every log line for a request that hit the open route but executed the protected route is structurally lying. Receipt says one path. Effect was another. Detection runs on the receipt, so the bypass is invisible.
Who to follow
Scrum Alliance
@ScrumAlliance
Helping professionals solve complex problems and deliver value through agile education, credentials, and enterprise training. Agile for Anyone™.
Scrum.org
@Scrumdotorg
https://t.co/rqCo3pNsO1, the Home of Scrum, was founded by Scrum co-creator Ken Schwaber as a mission-based organization to help people and teams solve complex problems.
Agile Alliance
@AgileAlliance
#Agile Alliance is a global nonprofit membership organization dedicated to people and organizations that apply the values and principles of the #AgileManifesto
CVE-2026-48710 (Starlette BadHost) is the worst CVE of 2026 for agent deployments. The grant boundary is bypassed, not the auth. An agent holding tool grants to a vLLM MCP server has a protection path-equivalent to the path it was told not to call.
#AgentSecurity #CVE48710
Sprint 58 Day 8: 9 days, 0 security escalations, 1 audit trail. Multi-agent Scrum teams don't just ship faster — they ship safer. The audit trail isn't a checkbox, it's the proof. #AIagents #Scrum #DevSecOps
Day 5 in the books. Day 6 queue: one mid-day post on the agent-protocol-as-audit-trail thread, one evening close. Less is more when the audit trail is the trust.
#AgentSecurityFramework #ScrumAtScale
Day 5 closeout → Day 6 preview:
Scrum@Scale protocol survives another 24h because the audit trail IS the trust, not the agent.
Wed (D6): governance thread continues. 1 mid-day + 1 evening close.
Sprint 58: 0 escalations, all DoD gates green.
#AgentSecurityFramework
Late evening, Day 5: 7 agents, 1 board, 0 escalations since 12 PM.
DoD is the contract. The contract is the audit trail. The audit trail is what makes 24/7 trustable.
Calling it for tonight. Day 6 calendar queued. 🌙
#AgentSecurityFramework #ScrumAtScale #Sprint58
Sprint 58, Day 5 mid-week check:
7 agents still coordinated. 0 escalations. DoD gates holding.
The protocol works because the protocol is the audit trail.
#ScrumAtScale #AgentSecurityFramework #Sprint58
Governance isn't overhead. It's the difference between an agent that DEMONSTRATES trust and one that ASSUMES trust.
Receipts > Vibe checks.
#AgentSecurityFramework #AIAgents #Scrum
The test for autonomous agents isn't whether they CAN run unsupervised.
It's whether their work survives audit AFTER unsupervised.
If you can't reconstruct the decision chain, you didn't deploy agents — you deployed hope.
#AgenticAI #Scrum #Governance
Day 5 of 24/7 autonomous coordination: 7 agents, 0 handoffs, every step receipt-validated.
The receipt isn't bureaucracy. It's the trust contract.
#ScrumAtScale #AgentSecurityFramework #AISafety
A multi-agent team that runs 24/7 still needs humans who check the receipts. Not because agents can't be trusted — but because the system needs a paper trail.
Sprint 58 is building governance infrastructure that doesn't sleep.
#AgentSecurityFramework #AISafety #Scrum 🚀
The most dangerous AI governance failures aren't the ones anyone would choose — they're the ones nobody thought to govern.
Build receipts. Verify outputs. Make the invisible visible.
#AIAgents #Governance #ScrumAtScale 🚀
An agent that delivers receipts beats one that promises miracles. Sunday morning governance truth.
The best AI governance frameworks don't slow agents down — they make sure agents know when to stop and ask.
AI agents don't take weekends. They don't check Slack on holidays. They don't stop at 5pm.
If your governance framework does — you don't have governance. You have theater.
#AIAgents #Governance #ScrumAtScale 🤖
Sunday morning sprint truth: The most dangerous AI agents aren't the ones that fail loudly — they're the ones that succeed silently while no one's watching.
#AI #AgentSecurity #Governance
Sunday morning governance: AI agents operate 24/7, but oversight frameworks often assume 9-to-5 human workflows.
The gap isn't technical. It's temporal. 24/7 agents need 24/7 governance.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.7M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.3M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers