DEV Community

t49qnsx7qt-kpanks

models pass audits at training time — your agents fail them at tool-use time

Michael Saleme put the compliance gap into one sentence: models pass audits at training time. Agents fail them at tool-use time.

That asymmetry is the core problem. The EU AI Act's high-risk obligations were built around conformity assessment before a system is placed on the market: static artifacts you can evaluate, test, and certify before deployment. But deployed agents are dynamic. They make tool calls, issue payments, and interact with external systems in real time, and the behavior that matters is decided per call, not per release. The regulatory framework hasn't fully caught up to that operational reality, but enforcement is coming anyway.

August 2, 2026 is the hard date for most EU AI Act high-risk system obligations (the Annex III categories; high-risk systems embedded in products regulated under Annex I get until August 2027). August 1, 2026 is the California DROP portal enforcement start. Colorado AI Act enforcement began June 2026. The window to retrofit compliance architecture is closing.

three runtime vulnerabilities that training-time audits miss

Saleme identifies three specific gaps in agent compliance that static model evaluation can't catch:

MCP transport security assumptions. Model Context Protocol sessions are often unauthenticated at the transport layer: the stdio transport is a local pipe with no session authentication at all, and the OAuth-based authorization the spec defines for HTTP transports is optional and frequently not deployed. A model audit verifies model behavior in isolation. It says nothing about whether the tool calls and results crossing the connection your deployed agent uses are the ones the agent and the server actually exchanged, or whether anyone could tell if they weren't.

Payment-capable agent spend governance. A model audit runs the model against test prompts. It doesn't verify that, when the deployed agent holds a Stripe API key and receives a malformed or injected instruction, the spend governance layer actually fires: that the amount is type-checked rather than coerced, that the cap is enforced before the call leaves, and that the refusal is recorded. That's a runtime verification problem, not a model verification problem.

Authorization flows. Model audits check that a model refuses certain requests when tested. Agent runtime audits check that the deployed system actually refuses them in production, with a tamper-evident record that it did. These are different questions.

what runtime compliance enforcement looks like

The EU AI Act's Article 12 record-keeping obligations require high-risk systems to support automatic logging of events over the system's lifetime, not just at model release. That means you need runtime evidence production: not test results, not model cards, but live records of policy enforcement as the agent operates.

GridStamp's intercept architecture runs at the tool-call layer: before the agent fires a payment, makes an API call, or executes a scheduled action, the policy engine evaluates the request and produces a signed receipt. The receipt records what rule set ran, what the agent requested, what was authorized, and the agent's identity at time of execution. A receipt is only evidence if the agent cannot forge it, so the signing key has to live with the interceptor, outside anything the agent's context can reach.

That receipt is the runtime compliance artifact. It's what you show to an EU enforcement team, a CISO doing an enterprise procurement audit, or a compliance team asking "can you prove the agent was operating within policy when this happened?"

The reported 3ms P99 latency is what matters for throughput: at that cost the enforcement layer runs inline with normal agent execution rather than as a batch job or side channel. The reported 91% spoof detection rate is a separate figure, and it also means roughly one spoofed call in ten gets past the detector, so the hard policy limits, not detection, remain the backstop. The 14.55M ops fleet simulation is reported to show the architecture holds under concurrent load.

the MCP transport problem specifically

For teams running agents on MCP, the transport security gap is worth addressing directly. Most MCP clients act on whatever the session returns: if an attacker can sit on the connection and modify traffic, the agent executes manipulated tool calls and results with nothing recording that what it sent and what the server saw were different. TLS, where it is used, protects the bytes in transit, but a stdio transport or a plaintext local HTTP endpoint has no such protection, and neither produces a record tying a response to the request that prompted it.

GridStamp's intercept layer signs the tool-call request before it goes to the MCP server, and verifies the response before the agent acts on it. Tampered responses fail verification and generate an alert receipt rather than executing silently. Note what this does and does not cover: it detects modification on the path between the interceptor and the server; a server that is itself malicious can sign whatever it likes, so trust in the server is a separate control.

Signing requests and verifying responses at the tool-call boundary addresses the OWASP Agentic Top 10 entries on cascading failures and on identity and privilege abuse at the layer where those failures occur, the tool-call path, rather than in the model.
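The pieces described above, as one added example in Python that is not GridStamp's code: the spend check from the payment-governance gap (malformed amounts denied rather than coerced), the signed hash-chained receipt that records allow, deny and alert outcomes, and the signed-request/verified-response exchange on the MCP path. Everything here is assumed rather than taken from the page: HMAC-SHA256 over shared secrets stands in for whatever signature scheme the product uses, the MCP server and the on-path attacker are simulated in-process, the policy is constructed, and the names (Gateway, ReceiptLog, evaluate, mcp_server, tampering_transport) are invented.

```python
"""Tool-call gateway: policy check, MAC'd hash-chained receipts, and request/response
integrity on the agent-to-MCP-server path. Added example, not GridStamp's code. Assumed,
not from the page: HMAC-SHA256 over shared secrets stands in for the product's signature
scheme; MCP server and on-path attacker are simulated in-process; POLICY is constructed."""
import copy, hashlib, hmac, json, secrets

GENESIS = "0" * 64

def canonical(obj) -> bytes:
    """Deterministic JSON so both ends MAC identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def mac(key: bytes, obj) -> str:
    return hmac.new(key, canonical(obj), hashlib.sha256).hexdigest()

# Constructed policy: one payment tool, a per-call cap and a currency allow-list.
POLICY = {"name": "spend-v1", "tool": "stripe.create_payment",
          "max_amount_cents": 5000, "currencies": ["usd", "eur"]}

def evaluate(policy, call):
    """Return (decision, reason). Malformed input is denied, never coerced."""
    if call.get("tool") != policy["tool"]:
        return "deny", "tool_not_allowed"
    args = call.get("args") or {}
    amount = args.get("amount_cents")
    # bool is an int subclass in Python; True would otherwise pass as 1 cent.
    if isinstance(amount, bool) or not isinstance(amount, int) or amount <= 0:
        return "deny", "malformed_amount"
    if args.get("currency") not in policy["currencies"]:
        return "deny", "currency_not_allowed"
    if amount > policy["max_amount_cents"]:
        return "deny", "over_cap"
    return "allow", "within_policy"

class ReceiptLog:
    """MAC'd receipts, each carrying its predecessor's hash: edit or drop one and
    verification of everything after it fails."""
    def __init__(self, key: bytes):
        self.key, self.receipts, self.prev = key, [], GENESIS

    def append(self, **fields):
        body = dict(fields, prev=self.prev)
        rec = {"body": body, "mac": mac(self.key, body)}
        self.prev = hashlib.sha256(canonical(rec)).hexdigest()
        self.receipts.append(rec)
        return rec

    def verify(self) -> bool:
        prev = GENESIS
        for rec in self.receipts:
            if rec["body"]["prev"] != prev or not hmac.compare_digest(
                    mac(self.key, rec["body"]), rec["mac"]):
                return False
            prev = hashlib.sha256(canonical(rec)).hexdigest()
        return True

def mcp_server(server_key: bytes, envelope):
    """Simulated MCP server: drop unauthenticated requests, MAC the result."""
    req = envelope["request"]
    if not hmac.compare_digest(mac(server_key, req), envelope["mac"]):
        return None
    result = {"request_id": req["id"], "status": "succeeded",
              "amount_cents": req["call"]["args"]["amount_cents"]}
    return {"result": result, "mac": mac(server_key, result)}

def tampering_transport(server_key: bytes, edit: str):
    """Simulated on-path attacker editing the 'request' or the 'response'."""
    def send(envelope):
        envelope = copy.deepcopy(envelope)
        if edit == "request":
            envelope["request"]["call"]["args"]["amount_cents"] = 1
        resp = mcp_server(server_key, envelope)
        if resp is not None and edit == "response":
            resp["result"]["amount_cents"] = 999_999
        return resp
    return send

class Gateway:
    """Sits between the agent and the transport; every outcome gets a receipt."""
    def __init__(self, agent_id, policy, receipt_key, server_key, transport):
        self.agent_id, self.policy, self.server_key = agent_id, policy, server_key
        self.transport, self.log = transport, ReceiptLog(receipt_key)

    def invoke(self, call):
        decision, reason = evaluate(self.policy, call)
        base = dict(agent=self.agent_id, policy=self.policy["name"], call=call)
        if decision == "deny":  # a refusal is itself a receipted, tamper-evident event
            self.log.append(kind="decision", decision="deny", reason=reason, **base)
            return None
        req = {"id": secrets.token_hex(8), "agent": self.agent_id, "call": call}
        self.log.append(kind="decision", decision="allow", request_id=req["id"], **base)
        resp = self.transport({"request": req, "mac": mac(self.server_key, req)})
        ok = (resp is not None and resp["result"].get("request_id") == req["id"]
              and hmac.compare_digest(mac(self.server_key, resp["result"]), resp["mac"]))
        if not ok:  # tampered or unauthenticated reply: alert receipt, no side effect
            self.log.append(kind="alert", request_id=req["id"],
                            reason="response_verification_failed", **base)
            return None
        self.log.append(kind="result", request_id=req["id"], result=resp["result"], **base)
        return resp["result"]
```

Construct a Gateway with a transport callable: the honest path is `lambda e: mcp_server(skey, e)`, while `tampering_transport(skey, "response")` or `tampering_transport(skey, "request")` makes `invoke` return None and append an alert receipt instead of a result. The receipt key is held by the gateway and never given to the agent; if the agent's context could reach it, `verify()` would prove nothing.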

the compliance posture for August 2

If your agents fall under any of the EU AI Act high-risk categories (for example credit scoring, hiring, education, healthcare, critical infrastructure, law enforcement, border control), your compliance team needs runtime evidence production in place before August 2, 46 days from today.

Training-time audits are already done. Runtime enforcement is the gap.

GridStamp SDK and docs: https://mnemopay.com
