New: Compliance toolkits for the EU AI Act and NIS2 (cybersäkerhetslagen) — templates your auditor will actually accept. Browse toolkits →

AI Security Consulting

Security for teams building with AI agents, MCP tools, and RAG

Prompt injection, data leakage, and privileged tool misuse hide in the gap between untrusted text and the tools your agents can call — where traditional security tooling doesn't look. I work with engineering and security teams to find and fix these exposures before they become incidents.

Contributor, OWASP Top 10 for Agentic Applications 2026 · CISSP · PhD · 15+ years enterprise security

Most teams' MCP integrations have never been security-reviewed for prompt injection or tool misuse. See MCP security →

Start here

Score your own agents — free

The Agent Security Scorecard walks you through the same questions I use in a review and hands you a gap list in the browser. No login, no email, nothing to install.

AI Agent Security Field Guide

A 20+ page guide to securing AI agent systems end to end: identity, tool boundaries, and containment.

Read the guide →

Pre-Deployment Checklist

The checks to run before the next agent ships to production. Five pages, no fluff.

Get the checklist →

The AI Security Newsletter

Prompt injection, MCP attack chains, and agentic defense, written for practitioners. One issue a week.

See the newsletter →

Focus areas

What I assess and secure

Specific expertise in how AI systems fail. Not generic cybersecurity rebranded.

Prompt Injection

Direct and indirect injection, jailbreaks, and multi-turn manipulation that override system intent.

Data Leakage

Paths where training data, system prompts, or user data can be extracted through model outputs.

Agentic System Risk

Tool-using agents introduce privilege escalation and confused deputy attacks. These don't exist in traditional systems.

Supply Chain & Model Risk

Third-party models, RAG data sources, fine-tuning datasets, and embedding pipelines as attack vectors.

Access Controls

How user identity, permissions, and data isolation are enforced across your AI infrastructure.

Monitoring & Response

Logging, anomaly detection, and incident response playbooks built for how AI systems actually fail.

Amine Raji, founder of Molntek
Amine Raji · Founder, Molntek

I've spent most of my career securing critical systems in regulated industries. Power grids. Healthcare infrastructure. Financial systems.

These days I work with teams building AI agent systems. Model selection, fine-tuning, RAG pipelines, agentic workflows, production on Kubernetes. I understand how these systems are built because I've built them.

That combination puts me in an unusual position. I understand how these systems are built, and I understand how they're broken. That's the gap Molntek exists to close.

Not ready to talk yet?

Free checklists, guides, the Agent Security Scorecard, and a sample assessment report. No call required.

Browse free resources →

Ready to talk?

Tell me what you're building. I'll tell you honestly whether I can help and what that would look like.