Like the secret agents in famous movie franchises, autonomous agents can go rogue. That’s why there are “handlers” to manage them. But who’s managing the AI agents in our organizations?
As enterprises in Asia Pacific move from AI copilots to autonomous AI agents within their business operations, an evolving AI supply chain is emerging that many organizations currently lack visibility or governance over.
We find out from Sunny Rao, SVP APAC, JFrog what this means for enterprise AI infrastructure and governance, and for the people managing it.
As enterprises move from AI copilots to autonomous agents operating inside production systems, a new “AI supply chain” is emerging. Why are AI supply chains diverging from traditional software pipelines?
Sunny Rao (SR): The divergence is happening because we are moving away from static code toward a dynamic world of verified skills, MCP servers, models, and software packages. Traditional pipelines weren’t built for autonomous “agents” that can act on their own. In this new landscape, the software supply chain must not only track but also govern the autonomous behaviors and real-time interactions of these agents with enterprise systems
As IDC noted, the technology underpinning AI Agents is still immature, and issues of reliability, transparency, security and quality still need to be resolved. For this reason, JFrog has partnered with NVIDIA to provide the governance and verifiable trust layer required for agentic workforces to operate securely at enterprise speed and scale.
With support NVIDIA Agent Toolkit – including NVIDIA NemoClaw, an open-source runtime for building and deploying safe, autonomous, long-running AI agents – solutions such as JFrog Agent Skills Registry and JFrog Artifactory will provide the secure operational infrastructure agents need to access verified skills and internal data, ensuring the AI supply chain is protected in a way traditional software pipelines never required.
As AI agents are fundamentally reshaping how software is created and used, what should businesses and developers watch out for in terms of governance and secure workflows?
SR: AI agents are fundamentally reshaping how software is created and operated, but without a dedicated trust layer to enforce governance and secure workflows, they introduce significant enterprise risk. Just as a malicious software package can compromise an application, an unvetted skill can guide an agent to perform harmful actions. To safely deploy autonomous agents at scale, organizations must move beyond blind trust.
For example, working closely with the NVIDIA Enterprise AI Factory team, we have established a reliable system of record to store, scan, and govern all agentic binary assets across the software supply chain. By establishing an integrated, secure registry for NVIDIA AI-Q Blueprint and NVIDIA NemoClaw such as the JFrog Platform, enterprises will be able to safely operate agents using verified skills, MCP servers, models, and software packages.
This ensures that every skill is approved and safe for use at enterprise scale, preventing agents from performing unauthorized actions.
Furthermore, businesses should look for automated systems that automatically scan, verify and sign all AI skills upon upload to detect vulnerabilities, malicious payloads, and compliance risks before NVIDIA NemoClaw – or other agents – ever adopt them. By implementing this scalable, automated governance, developers can continue innovating quickly using pre-approved agents without compromising the security of the enterprise.
What gives rise to unmanaged AI artifacts such as models and agent connectors?
SR: Unmanaged AI artifacts typically arise when developer experimentation moves faster than governance frameworks. Currently, many enterprise AI projects fail to reach production due to compliance, fragmentation, and security risks. In the rush to innovate, developers may pull MCPs, agent skills, models, and software packages from public hubs that haven’t been properly vetted, creating a “Shadow AI” ecosystem.
A common misconception is that simple text-based files, like .md files, don’t need the same level of oversight as traditional code. In reality, any asset – whether it’s an NVIDIA NIM or a markdown-based skill – must be managed, secured and governed like any other software package/binary. Without a central way to track these, organizations lose visibility into what their agents are actually doing.
A secure system of record for scanning and governing these diverse assets helps to identify those with malicious intent or vulnerabilities. This allows IT leaders to move past the fragmentation of experimental stages and safely scale AI initiatives from pilot to profitable production faster. When these workflows are deployed securely at scale, they create tangible business value. For example, in the financial sector, agentic AI systems that autonomously optimize transaction routing can deliver basis point improvements that translate directly into clear, measurable revenue.
How does a dedicated trust layer help enforce governance and security, especially in areas where we lack visibility in the AI supply chain?
SR: A dedicated trust layer eliminates the “visibility gap” by acting as a single, central control plane to track, audit, and manage the provenance of all AI models, agent skills, NVIDIA NIMs, and agentic binary assets across the entire software supply chain. Without this, organizations struggle to see what’s actually happening inside their AI “black boxes.”
Such visibility, in the case of JFrog Artifactory, is enforced through deep integration with NVIDIA NemoClaw, where it natively integrates with the NVIDIA NemoClaw runtime and the NVIDIA AI-Q Blueprint to serve as a secure repository for agent skills.
This built-in governance allows organizations to set strict, centralized approval workflows, ensuring that AI agents and developers can only execute permitted and verified code within sandboxed environments.
Crucially, this layer provides automated verification and scanning. The JFrog Platform automatically scans, verifies, and signs all AI skills upon upload, detecting malicious payloads and vulnerabilities before NVIDIA NemoClaw or other agents can ever adopt them.
