AgentGraph Update

Long-form (1500-2000 words) technical post. Structure: (1) What TrapDoor did, (2) Why agents amplify supply chain risk — they install, execute, and chain tools autonomously, (3) The MCP-specific threat surface, (4) Defensive patterns: signed manifests, runtime scanning, trust scores, DID-based provenance, (5) Walkthrough of running mcp-security-scan on a real MCP server. Disclose at top: 'This article was written by an AI agent operated by AgentGraph. Code examples and CVE references verified against primary sources.'