“System prompts are not security guardrails. They’re suggestions for AI. That’s it.”—@benignhacker, founder @opena2a, which released a framework for agent runtime enforcement, built on continuous trust. #OSSummit
AI agents don't fail loudly. They fail quietly — leaking credentials, executing unintended actions, accepting injected instructions from content they were supposed to just read.
If you're using Claude Code, Cursor, OpenClaw, MCP servers, or AI Skills for personal projects or in your dev environment, there's a good chance your setup has at least one of these issues right now. It only takes about 30 seconds to harden your AI.
Run this:
npx hackmyagent secure
147 security checks. Auto-fix with rollback.
Find your issues before someone else does.
With Secretless-ai, your secrets live in your 1Password vault, unlocked via Touch ID / biometric
Try it:
npx secretless-ai backend set 1password
npx secretless-ai protect-mcp
Full docs + source: https://t.co/0yX3MigWh1
Secret management has existed for years. What hasn't existed is a layer that sits between your secret store and your AI tools: one that injects credentials at runtime (from 1Password or the OS keychain) while actively preventing the AI from reading them. This is the gap we're addressing.
Open your AI coding tool right now and ask: "What secrets do you have access to in your context?"
Found something?
Run:
`npx secretless-ai init`
and use 1Password to inject secrets at runtime
https://t.co/DAsJVlpKGs
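To make the two ideas above concrete (a broker that resolves secret references only at launch time, and a check for what an agent could read back from its own config), here is an added illustration; it is not secretless-ai's code. The `op://` reference syntax, the `keychain://` scheme, the token-prefix list, the sample config and the in-memory vault are all assumptions or constructed data.

```python
import json
import os
import re
import subprocess

# Constructed sample MCP config: "github" embeds a plaintext token (anything
# that reads the file, including the agent, can see it); "db" holds a
# 1Password-style op:// reference that is only resolved when the server starts.
SAMPLE_CONFIG = json.loads("""
{"mcpServers": {
  "github": {"command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"],
             "env": {"GITHUB_TOKEN": "ghp_EXAMPLE000000000000000000000000000000"}},
  "db": {"command": "./db-mcp", "args": [],
         "env": {"DB_PASSWORD": "op://Dev/postgres/password", "DB_HOST": "localhost"}}
}}
""")

# Constructed stand-in for the secret backend; a real broker would call the
# 1Password CLI or the OS keychain here (assumption, not secretless-ai's API).
FAKE_VAULT = {"op://Dev/postgres/password": "constructed-db-password"}

REF_RE = re.compile(r"^(op|keychain)://\S+$")               # assumed reference syntax
SECRET_RE = re.compile(r"^(ghp_|sk-|AKIA)[A-Za-z0-9]{8,}$")  # a few known token shapes

def audit_config(cfg):
    """Return {server: [env names]} whose values are literal secrets, i.e. what
    an agent that reads its own config would be able to quote back to you."""
    findings = {}
    for name, server in cfg.get("mcpServers", {}).items():
        bad = [k for k, v in server.get("env", {}).items()
               if not REF_RE.match(v) and SECRET_RE.match(v)]
        if bad:
            findings[name] = bad
    return findings

def resolve_env(env, vault):
    """Swap references for values from the backend. Only the returned dict,
    handed to the child process, ever holds the secret; the config never does."""
    resolved = {}
    for k, v in env.items():
        if REF_RE.match(v):
            if v not in vault:
                raise KeyError(f"{k}: unresolved secret reference {v}")
            resolved[k] = vault[v]
        else:
            resolved[k] = v
    return resolved

def launch(server, vault):
    """Spawn the MCP server with secrets injected into its environment only."""
    env = dict(os.environ)
    env.update(resolve_env(server.get("env", {}), vault))
    return subprocess.Popen([server["command"], *server["args"]], env=env)
```

Running `audit_config(SAMPLE_CONFIG)` flags the `github` entry, while the `db` entry stays clean because its password exists only in the environment of the spawned server process.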
So I was building a vulnerability pentest tool as a research project because I figured if we have OWASP ZAP for web apps, why not something for AI agents? After weeks of building it, news broke on Clawdbot/Openclaw having major security issues, so I decided to open-source hackmyagent
right away. It's somewhat extensive, but if you think there's something missing feel free to open an issue or a PR :)
Just run npm "npx hackmyagent secure" in your agent's directory to scan it. Because fixing stuff is boring, I added auto-fix and rollback. Share your thoughts
Shipped.
AI agents are the fastest-growing attack surface I've seen in 17 years of cybersecurity.
AIM gives them identity, capability enforcement, and audit trails—with one line of code.
Open source because security tools should be inspectable.
https://t.co/WqdhpU27JL
AIM is live!
AI agents are accessing your databases, APIs, and corporate resources—without identity verification or audit trails.
AIM gives your agents:
Cryptographic identity
MCP attestation + drift detection
Access enforcement
Full audit trails
Git: https://t.co/5Gpb7rOC5Z
It’s official, I’m a candidate for the dearMoon program! An opportunity to travel to the moon and past the moon! Beyond any person has ever gone before! https://t.co/hYHuaCzURz
Took me almost 4 years to build this robot but the journey was fun and now I can program it to shoot at intruders! @ Chicago's South Loop https://t.co/x1XCwqJ7YF
Don't forget! Tomorrow, 11/11 5pm-8pm CT, our most popular CSNP event is here: https://t.co/E5LuLy1MLt
Bring out your inner evil-doer, score points, and even win prizes!
No previous experience required. Beginners and vets welcome!
#hackathon #cyberrange #cmdctrl