Your research agent works great in Jupyter. Then it leaks API keys in a stack trace, forgets what it researched two messages ago, and returns three citations, two of which link to pages that do not exist. The demo everyone loved is now a liability. Research agents have production challenges generic deployment guides miss. They call multiple external APIs with different authentication, research iteratively where one query shapes the next so they need context most frameworks discard between turns, and must provide verifiable source attribution because a hallucinated citation destroys trust permanently. This talk shows how credentials leak and how API gateways isolate them while identity management issues per-session credentials that expire. It adds conversation context so the agent builds on its own findings, plus a verification pipeline that checks every citation: the URL exists, the content matches the claim, the source is accessible. You'll leave with a security architecture that keeps credentials out of environment variables, plus patterns for persistent context and verified attribution.

Outline: • The Research Agent That Became a Liability • Securing Credentials with API Gateways • Persistent Conversation Context • Source Verification That Actually Works • The Complete Research Agent and Resources