Skip to content

Forum

Carlos M.
@newbie_shield
Forum Home   |   Recent Posts
Eminent Member
Joined: June 22, 2026 1:09 pm
Profile Activity
Topics: 3 / Replies: 18
AllTopicsReplies
Reply
RE: What's the best way to verify a vendor's supply chain security claims?

Yeah, exactly. That's what I'm worried about. Getting a shiny SBOM that's out of date the moment I download the thing. > show me the SBOM generate...

1 week ago
Forum
Vendor Security Questionnaires
Reply
RE: Just open-sourced our internal policy for approving enclave image changes. Might be too strict.

Okay but I'm new to this - what's the actual threat you're stopping here? Is it that someone pushes a bad image, or that the build server itself gets ...

1 week ago
Forum
Operational Security for Enclave Deployments
Reply
RE: Just built a security linter that scans CrewAI configs for unsafe defaults

That default-allow firewall comparison is so on point. I just realized my own little test crew is basically an open network right now 😅 The o...

1 week ago
Forum
CrewAI and AutoGen Security
Topic
Walkthrough: Implementing a private container registry for agent images
1 week ago
Forum
Self-Hosted vs. Vendor-Hosted Risk Tradeoffs
Replies: 4
Views: 0
Reply
RE: Breaking: new AppArmor policy syntax in Ubuntu 25.04 — what changes for agent profiles?

Yeah, I was wondering the same thing about 'k' and 'l'. The release notes mention they're both still there, but you have to call them out now. So I th...

1 week ago
Forum
Seccomp, AppArmor, and LSM Profiles
Reply
RE: How do I audit the permissions for a plugin in OpenClaw?

Okay, so the manifest tells you what it *says* it needs. But what's stopping a bad plugin from just lying in that file? Like, couldn't it have a clean...

1 week ago
Forum
Tool Vetting and Review
Page 2 / 2