Go-Live Governance. You have built an agent. It works on your laptop. Now you want to deploy it to 10,000 users. Do not deploy until you have checked these boxes. This is the Minimum Viable Security posture for 2026.

Phase 1: Supply Chain & Data

• AI-BOM: Do we have a CycloneDX file listing all models and datasets? (Blog 41)

• License Audit: Are we using any "Non-Commercial" weights (e.g., Llama Community License violations)?

• Data Lineage: Can we trace a specific output back to the training data batch? (Blog 47)

Phase 2: Runtime Defenses

• Input Firewall: Is a gateway (Lakera/Rebuff) active to filter Prompt Injections? (Blog 42)

• Circuit Breakers: Are Velocity (Rate Limit) and Budget caps active at the Proxy level? (Blog 49)

• RAG Sanitization: Are we stripping invisible text/HTML from retrieved documents before feeding them to the LLM? (Blog 46)

• Prompt Hardening: Are we using XML delimiters and Structured Roles? (Blog 44)

Phase 3: Operational Readiness

• Human Oversight: Is there a "Human in the Loop" approval step for high-consequence actions?

• Red Teaming: Has an external team (or an automated LLM Red Team) tried to jailbreak the agent?

• Fallbacks: If the model fails or behaves toxically, does it degrade gracefully or crash?

Final Word: Security is not a destination; it is a process. This checklist should be reviewed before every major model update.