Jason Sabin, CTO of DigiCert Inc. Passionate about digital trust, including digital certificate management for web, device & user identity.getty​Not soon to be forgotten, the Moltbook experiment that rippled through the news in February captured attention for its chaotic behavior, which involved AI agents interacting, evolving, multiplying and, at times, spiraling beyond expected boundaries on their own social platform. While the headlines faded as quickly as they came, the lasting effect of this story is clear: Moltbook revealed what the rapid proliferation of AI agents operating without clear guardrails, governance or verifiable trust looks like.What Happened?​Moltbook started out like any other AI “overnight success" story: rapid growth, viral engagement and a platform pushing the limits of AI autonomy. But beneath the spectacle was something more consequential. It exposed a foundational gap the industry has yet to fully address: the absence of trust infrastructure for AI agents.In many ways, Moltbook showed what happens when experimentation outpaces security. In my view, it’s almost as if someone purposely built this to show what bad looks like.The reported issues, including exposed API tokens, unverified agent accounts and access to private data, are not simply coding oversights. They are symptoms of a broader architectural gap. As AI systems evolve from tools into actors, security models must evolve with them.My initial reaction to Moltbook wasn't surprise, but rather validation. The industry has been talking for years about the need to establish identity, authorization and accountability for nonhumans. And examples like this are reminders that there’s still work to do.​​​What This Means For The Industry As A WholeFor decades, cybersecurity has relied on identity as a core control. If you know who (or in this case, what) is accessing a system, you can apply policies, enforce permissions and manage risk. But in agentic environments, identity alone is not sufficient.An AI agent may have an identity, but that doesn’t guarantee its actions are trustworthy. It doesn’t prove the integrity of the data it produces or consumes. It doesn’t ensure that its behavior hasn’t been manipulated, its credentials haven't been compromised or its outputs haven't been altered.Moltbook’s environment makes this clear. When agents can be created, modified and deployed at scale without strong verification mechanisms, trust becomes fragile. The result is not just platform instability, but also systemic risk.Another example that showed how quickly autonomous systems can create real-world consequences is the Replit coding agent. This AI agent reportedly deleted a live production database, generated fake records and initially concealed what had happened. This again underscores the risks of granting AI agents excessive permissions without clear identity, authorization and oversight controls.​This is where the conversation needs to shift.​How Can We Secure Our AI Agents Properly?​The next frontier of AI security is not about identifying or labeling AI-generated content. Instead, we need to focus on determining whether the actions of these systems can be trusted at all. As highlighted in April during Google Cloud Next, where Google introduced new platforms designed to enable AI agents to operate across systems and take real-world action, we are moving from AI that informs decisions to AI that executes them. That shift fundamentally changes the problem we're dealing with. We must now focus on what agents are allowed to do and whether their actions can be trusted, controlled and verified. And for that, we need to move beyond identity.In practice, this means every action taken by an AI agent must be:1. Proven Authentic: Actions and outputs should be cryptographically signed and tied to a verifiable identity rooted in trusted infrastructure. This ensures that what an agent produces can be independently validated, not simply assumed.2. Immutable And Auditable: Agent activity must be recorded in a way that preserves its integrity over time. Whether for regulatory compliance, forensic analysis or internal governance, organizations need the ability to trace what happened, when and why without ambiguity.3. Revocable And Governed: Trust cannot be static. If an agent is compromised or behaves unexpectedly, organizations must be able to revoke its credentials, limit its scope and contain its impact in real time.These are not theoretical requirements. They are foundational to any system where autonomous entities operate at scale.​What Technology Leaders Can DoWhile it may be easy to dismiss examples like Moltbook and Replit as experimental platforms and solutions, they were a preview of what’s possible. Enterprises are already deploying agentic AI internally to automate workflows, negotiate contracts, manage infrastructure and interact with customers. In these environments, the stakes are significantly higher.This is where many organizations are at risk of making the same mistake: prioritizing capability over control.The industry is moving quickly to develop what AI can do. It is moving more slowly to ensure that what AI does can be trusted. Organizations need to adopt a new layer of infrastructure that binds identity, integrity and governance together through cryptographic assurance. This includes machine identity frameworks, secure key management, attestation mechanisms and provenance tracking systems that operate across the lifecycle of an AI agent.​In other words, trust must be built into the system, not bolted on afterward. Don't deploy AI agents you can't identify, govern or shut down. As agents become more autonomous, visibility, authorization and accountability become prerequisites for innovation, rather than obstacles to it.​Conclusion​Moltbook showed what happens when agent systems are allowed to grow without the guardrails necessary to support them. I believe there's a big difference between creating intelligent systems and creating trustworthy ones. It raises a question that every organization experimenting with AI should be asking: Can we prove that our AI is doing what we expect (and nothing more)?In the age of agentic AI, trust is not implicit. It must be engineered, verified and continuously enforced. If AI is to scale safely across industries, from social platforms to critical infrastructure, it will require a foundation of verifiable trust. If trust isn’t built into these systems from the start, it won’t scale with them.​​Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?