# Vendor Agents, Runners, and Build-Integration Trust Boundaries

> **Intro:** Agents and runners are attractive because they automate a lot. They are dangerous for the same reason. Once deployed, they often gain filesystem, network, secret, or code visibility far beyond what the team consciously reviewed.
>
> **What this page includes**
>
> * trust-boundary review for agents and runners
> * questions for vendor-hosted and self-hosted execution
> * containment ideas when an agent or runner is suspected
> * how to separate convenience from authority

## Review questions

* what code will this component execute, and who controls that code?
* what network destinations can it reach?
* what secrets or service accounts are present at runtime?
* can it mutate artifacts, manifests, or production configuration?
* what telemetry exists if it behaves badly?

## Safer patterns

* dedicate higher-trust runners for production paths;
* minimize mounted secrets and workspace reuse;
* quarantine suspicious runners quickly;
* keep vendor agents away from the most sensitive tenants or environments until proven necessary.

## Related pages

* [Runner Isolation and Trust Boundaries](/devsecops-cicd-and-supply-chain/index-1/runner-isolation-and-trust-boundaries.md)
* [Product Security Incident Response Playbooks](/attack-paths-testing-detection-and-hardening/index/product-security-incident-response-playbooks.md)

***

*Author attribution: Ivan Piskunov, 2026 - Educational and defensive-engineering use.*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.product-security.expert/devsecops-cicd-and-supply-chain/index-2/vendor-agents-runners-and-build-integration-trust-boundaries.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.