RAMPART Tests Your AI Agents in Dev. What Catches Malicious Tool Calls in Production?

DEV Community: appsec·Cor E·3 days ago
#dev#agent#sentinel#tool#result#rampart

Microsoft just open-sourced two tools — RAMPART and Clarity — aimed at helping developers security-test AI agents before they ship. It's a genuinely useful contribution. It's also a partial solution to a problem that doesn't stop at the edge of your CI pipeline. Here's the gap, and what to do about it.

What Microsoft Released

RAMPART is a Pytest-native framework for running safety and security tests against agentic systems during development. You write test cases, run them against your agent, and surface issues before production. Clarity adds behavioral visibility into how agents are operating.

If you're building agentic systems and not running structured red-team tests pre-deployment, RAMPART is worth your time immediately. Go install it. But the framing of the release — "secure AI agents during development" — is where the real conversation starts.

The Attack Surface That Static Testing Can't Cover

Agentic systems are different from stateless LLM endpoints in one critical way: they call tools. …
