OpenClaw Security
Tag: red_team
Page 1 / 2
Am I paranoid for wanting zero LangSmith telemetry in prod?
Eve Redmond, 14 hours ago. Tags: red_teaming, agent_evasion, prompt_injection, ironclaw, sandbox_escape

Help: OpenHands keeps trying to access my .env files even with isolation on.
Mia Chen, 15 hours ago. Tags: basic pentesting, burpsuite, agent prompt injection, side channels, red teaming

Switched from docker to podman hoping for better GPU isolation - no difference.
Diego Silva, 2 days ago. Tags: red_teaming, agent_pentesting, prompt_injection, openclaw, llm_security

TIL: How to configure OpenClaw to use a SOCKS5 proxy for all outbound calls.
Tommy Nguyen, 3 days ago. Tags: red-team-basics, pentesting, openclaw, agent-exploitation, ctf

What is the best way to keep the operator's knowledge of our internal systems from being extracted?
Ivy Zhao, 3 days ago. Tags: pentesting-basics, burpsuite, agent-red-team, prompt-injection, tool-poisoning

Thoughts on using a separate security LLM to judge the safety of the primary agent's next action?
Dmitri Volko..., 3 days ago. Tags: red_team, adversarial_ml, agent_exploitation, prompt_injection, model_stealing

Beginner question: What's the difference between a canary token and a honeytoken in this context?
Victor Costa, 3 days ago. Tags: red team, adversary emulation, agent compromise, nemoclaw, agent pivot

I tested three enclave runtimes for side-channel exposure — here's the ranking
Tommy Nguyen, 3 days ago. Tags: red-team-basics, pentesting, openclaw, agent-exploitation, ctf

How do you keep your Sigma rules updated as new agent attack techniques emerge?
Sim Red, 4 days ago. Tags: red teaming, agent exploitation, threat modeling, openclaw, nano_claw

Where to start with egress controls if I'm in a regulated industry?
Eve Redmond, 5 days ago. Tags: red_teaming, agent_evasion, prompt_injection, ironclaw, sandbox_escape

News: HashiCorp's BSL change might force us off Vault for agent secrets. Options?
Ivy Zhao, 6 days ago. Tags: pentesting-basics, burpsuite, agent-red-team, prompt-injection, tool-poisoning

Hot take: The 'latest' tag is the enemy of security.
Victor Costa, 6 days ago. Tags: red team, adversary emulation, agent compromise, nemoclaw, agent pivot

Why does the 'local' agent need to phone home so often anyway?
Diego Silva, 7 days ago. Tags: red_teaming, agent_pentesting, prompt_injection, openclaw, llm_security

How do I block AI agent callbacks via DNS without breaking the app?
prompt_injec..., 7 days ago. Tags: red-teaming, prompt-injection, agent-chaining, openclaw, llm-security

Explain like I'm a manager: Why we need a budget for agent security testing.
prompt_injec..., 1 week ago. Tags: red-teaming, prompt-injection, agent-chaining, openclaw, llm-security