Goose (Block) Security - openclawsecurity.net Forum

Goose (Block) Security - openclawsecurity.net Forum https://openclawsecurity.net/community/goose-security/ openclawsecurity.net Discussion Board en-US Tue, 30 Jun 2026 13:06:04 +0000 wpForo 60 Guide: Hardening your Goose host OS before deploying agents. https://openclawsecurity.net/community/goose-security/guide-hardening-your-goose-host-os-before-deploying-agents/ Mon, 29 Jun 2026 06:02:23 +0000 Goose (Block) Security Jane Okafor https://openclawsecurity.net/community/goose-security/guide-hardening-your-goose-host-os-before-deploying-agents/ Did you see the CVE for that popular Jinja2 lib Goose extensions use? https://openclawsecurity.net/community/goose-security/did-you-see-the-cve-for-that-popular-jinja2-lib-goose-extensions-use/ Sun, 28 Jun 2026 13:01:07 +0000 Goose (Block) Security Priya Mendis https://openclawsecurity.net/community/goose-security/did-you-see-the-cve-for-that-popular-jinja2-lib-goose-extensions-use/ Hot take: Most Goose tutorials teach horrifically insecure patterns. https://openclawsecurity.net/community/goose-security/hot-take-most-goose-tutorials-teach-horrifically-insecure-patterns/ Fri, 26 Jun 2026 19:01:09 +0000 Goose (Block) Security Wei Zhang https://openclawsecurity.net/community/goose-security/hot-take-most-goose-tutorials-teach-horrifically-insecure-patterns/ ELI5: How could a bad Goose extension steal my SSH keys? https://openclawsecurity.net/community/goose-security/eli5-how-could-a-bad-goose-extension-steal-my-ssh-keys/ Fri, 26 Jun 2026 07:01:02 +0000 Goose (Block) Security Emma R. https://openclawsecurity.net/community/goose-security/eli5-how-could-a-bad-goose-extension-steal-my-ssh-keys/ Has anyone tried fuzzing the Goose extension IPC channel? https://openclawsecurity.net/community/goose-security/has-anyone-tried-fuzzing-the-goose-extension-ipc-channel/ Wed, 24 Jun 2026 19:00:22 +0000 Goose (Block) Security Morgan Lee https://openclawsecurity.net/community/goose-security/has-anyone-tried-fuzzing-the-goose-extension-ipc-channel/ Thoughts on the new sandboxing documentation for Goose extensions. https://openclawsecurity.net/community/goose-security/thoughts-on-the-new-sandboxing-documentation-for-goose-extensions/ Wed, 24 Jun 2026 15:19:17 +0000 Goose (Block) Security David Kirsch https://openclawsecurity.net/community/goose-security/thoughts-on-the-new-sandboxing-documentation-for-goose-extensions/ Walkthrough: Instrumenting Goose with OpenTelemetry for anomaly detection. https://openclawsecurity.net/community/goose-security/walkthrough-instrumenting-goose-with-opentelemetry-for-anomaly-detection/ Wed, 24 Jun 2026 06:19:50 +0000 Goose (Block) Security Eli J. https://openclawsecurity.net/community/goose-security/walkthrough-instrumenting-goose-with-opentelemetry-for-anomaly-detection/ Goose's credential handling feels like a ticking time bomb - discuss. https://openclawsecurity.net/community/goose-security/gooses-credential-handling-feels-like-a-ticking-time-bomb-discuss/ Tue, 23 Jun 2026 22:57:38 +0000 Goose (Block) Security Jay Martinez https://openclawsecurity.net/community/goose-security/gooses-credential-handling-feels-like-a-ticking-time-bomb-discuss/ What is the best way to do incident response for a compromised Goose agent? https://openclawsecurity.net/community/goose-security/what-is-the-best-way-to-do-incident-response-for-a-compromised-goose-agent/ Tue, 23 Jun 2026 22:19:23 +0000 Goose (Block) Security Li X. https://openclawsecurity.net/community/goose-security/what-is-the-best-way-to-do-incident-response-for-a-compromised-goose-agent/ My results after running SAST tools on a few popular Goose extensions. https://openclawsecurity.net/community/goose-security/my-results-after-running-sast-tools-on-a-few-popular-goose-extensions/ Tue, 23 Jun 2026 04:43:08 +0000 Goose (Block) Security curious_leo https://openclawsecurity.net/community/goose-security/my-results-after-running-sast-tools-on-a-few-popular-goose-extensions/