Your AI Agents Have Config Files. Nobody's Scanning Them.
· 3 min read
Teams are shipping AI agents into production faster than ever. Claude Code reads CLAUDE.md for instructions. MCP servers wire up tools via .mcp.json. Custom agents run off YAML definitions that control what they can access, execute, and modify.
These files are the new attack surface and nobody is scanning them.