← FOG·CITY

Tech

Keycard Workshop @ AI Engineer World's Fair

When
Wednesday, July 1
Listed by
Lu.ma — Gen AI SF
Your agents are reaching for real tools and real data. The risk isn't the capable agent, it's the standing secret it holds. One long-lived API key sitting in an agent's environment is one prompt injection or Shai-Hulud away from being read out. At AI Engineer World's Fair, Keycard is running a hands-on workshop where you build the answer on your own machine. We'll serve lunch and then you'll build a custom support-escalation MCP server in TypeScript (Express, Streamable HTTP), and lock down both the server and everything it touches with Keycard, end to end. You'll leave having built a server with three tools: Read support tickets, where the user's identity is swapped for a read-only credential so no standing key ever sits in your serverEscalate to engineering, where an LLM scrubs the PII before posting a clean issue to Linear using a write-scoped credentialDelete an escalation, which asks for a scope your policy refuses to grant What you'll learn: Why standing secrets are the real risk in agentic systems, and how to build them so your server never holds oneHow to give each tool exactly the access it needs, and nothing moreHow to trace every hop of an agent delegation chain in a complete audit trailHow to set policy that blocks an over-permissioned action Bring a laptop with Node and npm, a GitHub account, and your local coding agent (Claude Code, Cursor, Codex, or Copilot). TypeScript familiarity is strongly preferred. You'll walk out with a governed escalation server you built, and a clear pattern for securing every agent you ship next. Join us if you're building MCP servers or agentic systems and want to learn how to control access to your server and the resources behind it.

More tech soon

TBA

The tradeshow floor will still be there. Come eat first. Whether you're in town for AI Engineer World's Fair or just live in SF and want to hang out, you're invited.

TechRSVP · Luma
TBA

Please make sure your browser supports JavaScript and cookies and that you are not blocking them from loading.

TechDetails · techmeme.com
1:00 PM

​Please put your name on the waiting list, we will share the booking link if slots become available. Are you fundraising or refining your story for VCs?

TechRSVP · Luma