AI agents that can use tools — browse the web, read files, call APIs — face a serious vulnerability called indirect prompt injection. Today we look at ClawGuard, a runtime security framework that takes a different approach than training models to refuse: it sits between the AI and its tools, checking each action against rules the user has pre-approved. The shift from behavioral to architectural security, with hospital surgical safety checklists as the cross-domain parallel.