The AI agent security model is broken.
We trust LLMs to self-police, then act surprised when prompt injection works.
Shipped Tenuo: cryptographic warrants that enforce limits regardless of what the model "decides" to do.
Even fully compromised, the agent can't exceed its authority.
https://t.co/U4BEb041eG
@edwardbenson @pranshu_369 I like the tool, but I'm not so sure about the share-ability part. It's not always intuitive to send via email, for example. Unless I'm missing something.
Please join us for the next @offby1security stream at 11AM PT this Friday, May 29th with @Ni_Aimable for a session on "AI Agents as Confused Deputies!"
https://t.co/zZt7I5ZDnc
Under the Rwanda Digital Acceleration Project, @RISARwanda and NCSA have concluded the second cohort of the #cybersecurity training program for 100 judicial operators in #Rwanda, held at CyberHub Rwanda and HangaHub Muhanga.
This program reinforces efforts to strengthen national capacity to effectively address cyber-related cases, through targeted and comprehensive skills development in key areas of cybersecurity and digital investigations.
Under the Rwanda Digital Acceleration Project, @RISARwanda, in collaboration with NCSA, today concluded the first cohort of a cybersecurity training program for 100 judicial operators held at CyberHub Rwanda and HangaHub Muhanga.
Participants, including judges, prosecutors, investigators, and lawyers, strengthened their capacity in handling cybercrime investigations, digital evidence management, and digital forensics, among other key topics essential for addressing cyber-related cases.
This actually touches on something we've been building. Cryptographic capability tokens that attenuate on delegation so each agent can only narrow permissions, never escalate. Every action produces a proof of provenance linking back to the delegation chain / human approval. Open source, works across LangGraph, A2A, CrewAI, Temporal and others. https://t.co/U4BEb04z4e
Finally, some clear thinking on authority flow in delegation chains (§2.1, §4.7). We're already shipping this in Tenuo (https://t.co/5Yw89LO42k): treating authority as cryptographic warrants that attenuate as they move from orchestrator to tool. It turns 'vibes' into deterministic safety. Great read.
😂 'Emergent behavior' = 'We built it this way and can't fix it.' Nailed it.
This is exactly why prompt-based defenses fall apart. Authorization needs to live outside the LLM entirely. Architectural separation via capability tokens (like monotonic attenuation) blocks escalation even if the agent is fully compromised. Open-source take: https://t.co/X6jfdBKsZG
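The mechanism the two posts above describe (capability tokens that can only be narrowed on delegation, an enforcement point that ignores what the model "decides", and a provenance record for every action tracing back to the human approval), worked through as an added example. This is illustrative code written for this page, not Tenuo's implementation or API. It assumes, for brevity, a single HMAC key standing in for per-issuer signatures, a scope made of tool names plus a path prefix plus an expiry, and constructed sample values (`alice`, `worker`, `/srv/data/`).

```python
"""Capability warrants with monotonic attenuation (constructed example).

Assumptions made here, not taken from the page: one shared HMAC key stands in
for per-issuer signatures; a warrant is a list of links, each signed over its own
claims plus the previous link's signature; scope is tool names + path prefix + expiry.
"""
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: placeholder for the issuer's signing key


class AuthorityError(Exception):
    """Raised when a delegation would widen, rather than narrow, authority."""


def _sign(payload: dict, prev_sig: str) -> str:
    # Binding each link to its predecessor's signature prevents splicing links
    # from different chains or reordering them.
    body = json.dumps(payload, sort_keys=True).encode() + prev_sig.encode()
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()


def issue_root(tools, path_prefix, exp, approver):
    """Root link: the human approval that every later link must trace back to."""
    claims = {"tools": sorted(tools), "path_prefix": path_prefix,
              "exp": exp, "holder": approver}
    return [{"claims": claims, "sig": _sign(claims, "")}]


def _narrower(child: dict, parent: dict) -> bool:
    # Attenuation is monotonic: every dimension of the child is a subset of the parent.
    return (set(child["tools"]) <= set(parent["tools"])
            and child["path_prefix"].startswith(parent["path_prefix"])
            and child["exp"] <= parent["exp"])


def delegate(warrant, holder, tools=None, path_prefix=None, exp=None):
    """Append a link for `holder`; omitted fields inherit, given fields must narrow."""
    parent = warrant[-1]["claims"]
    child = {"tools": sorted(tools) if tools is not None else parent["tools"],
             "path_prefix": path_prefix if path_prefix is not None else parent["path_prefix"],
             "exp": exp if exp is not None else parent["exp"],
             "holder": holder}
    if not _narrower(child, parent):
        raise AuthorityError(f"{holder} requested more than {parent['holder']} holds")
    return warrant + [{"claims": child, "sig": _sign(child, warrant[-1]["sig"])}]


def delegation_allowed(warrant, holder, **scope) -> bool:
    """True if the requested sub-delegation stays within the warrant's authority."""
    try:
        delegate(warrant, holder, **scope)
        return True
    except AuthorityError:
        return False


def verify_chain(warrant) -> bool:
    """Recompute every signature and re-check attenuation link by link."""
    prev_sig, prev_claims = "", None
    for link in warrant:
        if not hmac.compare_digest(link["sig"], _sign(link["claims"], prev_sig)):
            return False
        if prev_claims is not None and not _narrower(link["claims"], prev_claims):
            return False
        prev_sig, prev_claims = link["sig"], link["claims"]
    return True


def authorize(warrant, tool, path, now) -> bool:
    """Enforcement-point decision: depends only on the warrant, never on model output."""
    if not verify_chain(warrant):
        return False
    leaf = warrant[-1]["claims"]
    return (tool in leaf["tools"] and path.startswith(leaf["path_prefix"])
            and now <= leaf["exp"])


def provenance(warrant, tool, path, now):
    """Proof-of-provenance record for an authorized action, or None if denied."""
    if not authorize(warrant, tool, path, now):
        return None
    record = {"tool": tool, "path": path, "at": now,
              "approver": warrant[0]["claims"]["holder"],
              "chain": [link["sig"] for link in warrant]}
    record["proof"] = _sign(record, warrant[-1]["sig"])
    return record


if __name__ == "__main__":
    # Constructed scenario: human approval -> orchestrator -> worker agent.
    root = issue_root({"read_file", "send_email"}, "/srv/data/", exp=1000, approver="alice")
    worker = delegate(root, "worker", tools={"read_file"}, path_prefix="/srv/data/reports/")
    print(authorize(worker, "read_file", "/srv/data/reports/q1.txt", now=500))    # True
    print(authorize(worker, "send_email", "/srv/data/reports/q1.txt", now=500))  # False
    # A compromised worker cannot hand a sub-agent authority it does not hold.
    print(delegation_allowed(worker, "sub", tools={"send_email"}))               # False
```

The point of the design is where the decision is made: `authorize` is called by the tool gateway, not by the agent, so an agent whose context has been injected can request anything it likes and still only obtain what its leaf link grants. Editing a link's claims or splicing a link onto a different root breaks the signature chain, and the provenance record carries the full chain of link signatures so an auditor can walk from any action back to the approving human.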
7/7 I wrote a deep dive on why Context Isolation needs Authority Isolation.
Covers the Decomposition Paradox, the Rule of Two, and why static IAM breaks down for agentic systems.
https://t.co/k3PTnmihiq
I don't trust AI Agents with IAM Roles (yet).
IAM was built for software that follows a script. Agents improvise. They pick tools at runtime. They make decisions you didn't foresee.
We're securing probabilistic software with deterministic tools. It's a fundamental impedance mismatch.
1/7
6/7 Google's new CaMeL paper tackles a related problem: tracking data provenance to block exfiltration. They solve it with a custom interpreter.
That protects within an agent. We also need this across agents, at the protocol layer, without requiring a shared runtime.