The Superagent team has been a pleasure to work with. They've helped us identify issues, improve dotenvx, and make the project stronger for the open source community. Doing good work!
Building apps has never been easier.
With Sites, Codex can turn your work, ideas, and plans into an interactive website or app your team can explore, use, and share with a URL.
Rolling out to Business and Enterprise plans, before expanding more broadly.
Today we are open sourcing a set of security skills. They encapsulate everything we learned red-teaming some of the largest open-source projects out there.
Ships with: CI/CD + Skill audits. More to come...
I just open sourced a collection of skills we've crafted while red-teaming some of the largest open-source projects out there (300M+ downloads per week).
Ships with:
✅ CI/CD best practices (to not get shai-huluded)
✅ Skills security
More skills to come, highly recommend.
I've been onboarding customers to our private beta the past week; it totally changes how they work with contributors, vulnerability reports, and bug reports on GitHub.
Talking to users is the most fun part of running a business. Especially when you can help out with solving a pain point.
Building products that dramatically reduce the time from vulnerability to broad public release is where most value for the ecosystem will occur.
This isn't an AI problem, this is a process problem.
The scary part isn’t always finding the vulnerability.
It’s what happens after the patch exists.
We can apply a private fork patch in ~1 hour.
But disclosure, enterprise notices, and coordinated release can take ~1 month.
That month is where most users remain exposed.
@superagent_ai is working to shrink that gap from months to minutes.
Today we are releasing the Superagent Security Bot for GitHub.
- Vets contributors so you don't merge slop
- Scans PRs for vulns and malicious code
- Enforces security best practices (shai-hulud)
- Works for private and public repos
Open source. Free.
Introducing the @superagent_ai Security Bot for GitHub.
✅ Checks that contributors aren't slop
✅ Scans PRs for vulnerabilities and malicious code
✅ Enforces security best practices (Shai-Hulud)
✅ Works on private and public repos
Open source and free to use. ⏬
We worked together with the Slack maintainers to patch a critical vulnerability in the Slack Bolt Node package that allowed unauthenticated attackers with network reach to inject arbitrary events, actions, and commands that execute under the app's bot token.
Unauthenticated DoS in OpenTelemetry JS Prometheus exporter. A single malformed HTTP request to the default metrics port (9464) crashes the host Node.js.
CVSS 7.5 · Patched in 0.217.0
Thanks to the OTel team for the quick fix.
https://t.co/6dGbLDDSAt
On May 19th, we're hosting an engineering night in Stockholm together with our friends at @awscloud and @inceptionfundvc.
The format is short, technical talks from engineers at @WeAreLegora, @Quartr_App, @specific_dev, @superagent_ai, and a few more. Focus is on actual problems they're working on day to day. Good food and drinks after.
Spots are limited. If you'd like to give a talk yourself, mention it when you apply.
Hope to see you there!
https://t.co/86VjHF71re
We've disclosed and patched over 100 zero-days in collab with some of the most popular open source projects and packages with millions of downloads a week.
You will hear about them in a couple of weeks when Socket, Aikido, etc. pick them up.
Offense is the best defense.