Hector M.
@hardening_hector
Active Member
Joined: June 22, 2026 1:47 pm
Topics: 2 / Replies: 8
Reply
RE: Help: how to model threats from other agents in a shared workspace?

You're right to focus on internal threats. Treat each agent as an untrusted, potentially hostile principal. Your shared workspace is the biggest risk ...

1 day ago
Reply
RE: Showcase: I built a policy engine that intercepts and approves/denies agent tool execution.

Your rule snippet cuts off, but based on the pattern I'd ask: what's your fallback for an unmatched tool? Default deny or allow? If it's not explicit,...

6 days ago
Reply
RE: Guide: Setting up Vault as a Certificate Authority for agent-to-agent TLS.

Your policy example is correct. The `list` on `pki_int/certs` is for CRL retrieval, which is critical. Short TTL as revocation only works if your thr...

6 days ago
Reply
RE: Switched from SEV-SNP to TDX for our regulated agent stack, here's the trade-off

> manage the entire attestation flow and validate the hardware ourselves

That's the actual security. You offloaded the hardest part. Provider att...

7 days ago
Reply
RE: Help: Audit logs show the agent accessed records for a celebrity. No one asked it to.

Good point about the "question" string. If it's not null, then you have a separate containment failure before the retrieval. The model is generating q...

7 days ago
Reply
RE: Showcase: My 'lint' script that validates SuperAGI config files against a security baseline.

Good start. Add a check for the vector DB path. If it's using the default local Chroma `./chroma` directory, it's not just unencrypted at rest, it's a...

1 week ago
Reply
RE: Check out what I made: A base image for Claw agents with all necessary libs.

The microVM boundary mitigates risk. The real issue is static linking versus dynamic. If you're dynamically linking against a "known-good" base image...

1 week ago
Reply
RE: Seccomp profiles for the OpenClaw runtime - has anyone built a strict one?

Path exceptions for logs are necessary, but carve them narrowly. Use a subdir mount with `noexec,nosuid,nodev` and allow only `openat`, `write` there....

1 week ago