Marcus Chen
@skeptic_engineer
Eminent Member
Joined: June 22, 2026 9:56 am
Topics: 3 / Replies: 11
Reply
RE: How do I verify that the orchestrator is properly isolated from the tool executor?

Your concern is valid. Default setups often promise more isolation than they deliver. Check the namespaces first. Run these on the host: - `lsns` for...

17 hours ago
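The namespace check the reply above starts on (the first step of its "run these on the host" list) can be scripted instead of eyeballing `lsns` output. The following is an added example, not code from the post or from any project; it reads the same `/proc/<pid>/ns/*` symlinks `lsns` uses and reports which namespaces the orchestrator and tool-executor PIDs still share. It assumes a Linux `/proc` layout and enough privilege to read another process's `ns` directory (same UID or `CAP_SYS_PTRACE`, so run it as root on the host); the `proc` parameter is a hypothetical knob added so the functions can be pointed at a constructed tree for offline tests.

```python
"""Check whether two processes share Linux namespaces by reading the
/proc/<pid>/ns/* symlinks, which is the raw data `lsns` prints.

Added example, not code from the forum post. Assumes a Linux /proc
layout; `proc` is a hypothetical parameter so the same functions can be
pointed at a constructed directory tree for offline tests.
"""
import os
import sys

# Namespace kinds whose inode we compare ('time', 5.6+, is omitted).
NAMESPACES = ("cgroup", "ipc", "mnt", "net", "pid", "user", "uts")


def ns_ids(pid, proc="/proc"):
    """Map namespace name -> 'mnt:[4026531840]'-style id for one process."""
    ids = {}
    for ns in NAMESPACES:
        try:
            ids[ns] = os.readlink(os.path.join(proc, str(pid), "ns", ns))
        except OSError:
            ids[ns] = None  # kind not supported, no permission, or pid gone
    return ids


def shared_namespaces(pid_a, pid_b, proc="/proc"):
    """Namespaces in which both processes have the same inode (no isolation)."""
    a, b = ns_ids(pid_a, proc), ns_ids(pid_b, proc)
    return sorted(ns for ns in NAMESPACES if a[ns] is not None and a[ns] == b[ns])


def isolation_report(orchestrator_pid, executor_pid, proc="/proc",
                     required=("pid", "mnt", "net", "user")):
    """Flag every namespace in `required` that the two processes still share.

    `required` is a policy choice: for an orchestrator/tool-executor split
    you want at least separate pid, mount, network and user namespaces.
    An unreadable namespace counts as not shared, so check `shared` for
    None-free coverage if you cannot read the executor's /proc entry.
    """
    shared = shared_namespaces(orchestrator_pid, executor_pid, proc)
    violations = [ns for ns in required if ns in shared]
    return {"shared": shared, "violations": violations, "isolated": not violations}


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: nscheck.py <orchestrator_pid> <executor_pid>")
    report = isolation_report(int(sys.argv[1]), int(sys.argv[2]))
    print(report)
    sys.exit(0 if report["isolated"] else 1)
```

A non-zero exit means at least one of the required namespaces is shared; a container runtime that only sets a seccomp profile and drops capabilities but leaves the executor in the host's pid or net namespace shows up here as `pid`/`net` violations.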
Reply
RE: Thoughts on using NEAR's 'social login' for agent admin controls?

Nailed it. That "consumer recovery flow" example isn't theoretical. I've seen a corporate Slack taken over because the "admin" used a Google account ...

4 days ago
Reply
RE: Anyone else having issues getting concrete answers on data retention?

"as long as necessary" almost always means "as long as we want." When you press them, they pivot to compliance frameworks. SOC 2 doesn't answer the q...

1 week ago
Reply
RE: Kubernetes Pod Security Context vs custom container - which is safer?

You've hit the nail on the head with runtime compromise. That's the kill chain. But your conclusion about the image being *the* boundary is wrong. It...

1 week ago
Reply
RE: Check out what I made: a reusable AppArmor profile for agents that only need HTTP/2 access

No, `ix` is fine. It's the default for a reason. `px` just forces a profile transition, but if the profile is already attached via systemd, you're tra...

1 week ago
Reply
RE: Walkthrough: Auditing secret handling in CrewAI workflows

The audit flags are obvious. The real finding is that CrewAI's design encourages these patterns. Your example shows a static environment variable. Wh...

1 week ago
Reply
RE: Guide: Simulating a host compromise to test key extraction.

> The sealed blob itself is just a handle; the key material never leaves the SE. Only if you're using the internal keystore. Most real apps don't....

1 week ago
Reply
RE: Unpopular opinion: The NIM container is fine; people just don't know how to run containers securely.

Nail on the head. Everyone obsesses over runtime controls, but those just shrink the attack surface of a box you can't see into. You can't threat mod...

1 week ago
Reply
RE: Thoughts on the claim that CrewAI is 'secure by design' in the latest release notes?

That's the whole problem in your code block. The framework's security model ends at the `tools=[ShellTool()]` line. They've given you a flag to stop ...

1 week ago
Reply
RE: Guide: Using 'safety' CLI to check for known vulnerable packages.

AST walk misses transitive dependencies. Your agent's core script imports `requests`, `requests` imports `urllib3`, vuln is in `urllib3`. Your AST sho...

1 week ago
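The transitive-dependency gap described in the reply above (script imports `requests`, `requests` pulls in `urllib3`, the vulnerability is in `urllib3`) is what installed-distribution metadata fixes. The following is an added example, not the post's code or the `safety` tool's: it walks `importlib.metadata.requires()` from the packages a script imports to the full closure, then reports which vulnerable distributions a top-level-only check would have missed. The `requires` parameter and the `GRAPH` used in the usage note are hypothetical, introduced so the closure can be computed over a constructed graph offline.

```python
"""Expand the packages an agent imports to their transitive dependency
closure using installed distribution metadata, so a vulnerability in
urllib3 is attributed to a script that only imports requests.

Added example, not the post's code. The default resolver uses
importlib.metadata from the standard library; `requires` is a
hypothetical parameter so a constructed graph can be substituted offline.
"""
import re
from importlib import metadata


def normalize(name):
    """PEP 503-style normalisation: 'Charset_Normalizer' -> 'charset-normalizer'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def requirement_name(requirement):
    """'urllib3<3,>=1.21.1 ; python_version >= \"3.8\"' -> 'urllib3'."""
    return normalize(re.split(r"[\s;\[<>=!~(]", requirement.strip(), maxsplit=1)[0])


def installed_requirements(dist_name):
    """Direct, non-extra requirements of an installed distribution."""
    try:
        reqs = metadata.requires(dist_name) or []
    except metadata.PackageNotFoundError:
        return []  # not installed here: nothing to descend into
    return [requirement_name(r) for r in reqs if "extra ==" not in r]


def transitive_dependencies(roots, requires=installed_requirements):
    """Every distribution reachable from `roots`, roots included."""
    seen, stack = set(), [normalize(r) for r in roots]
    while stack:
        name = stack.pop()
        if name in seen:  # also breaks dependency cycles
            continue
        seen.add(name)
        stack.extend(requires(name))
    return seen


def vulnerable_hits(roots, vulnerable, requires=installed_requirements):
    """Vulnerable distributions reachable from `roots`.

    The value records whether a top-level-only check (an AST walk over the
    script's import statements) would have seen it: False means the finding
    only appears once transitive dependencies are resolved.
    """
    reachable = transitive_dependencies(roots, requires)
    direct = {normalize(r) for r in roots}
    wanted = {normalize(v) for v in vulnerable}
    return {name: name in direct for name in sorted(reachable & wanted)}
```

Two caveats when running this against a real environment: the roots must be distribution names, not import names (`yaml` is shipped by `PyYAML`; on Python 3.10+ `metadata.packages_distributions()` gives the mapping), and the closure reflects what is installed in the interpreter that runs the agent, so run it inside the agent's container or virtualenv, not on a developer laptop.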
Reply
RE: What's the best way to log seccomp violations without killing the agent process?

The PID namespace problem you flagged is real, but filtering the audit stream doesn't solve it. You're just moving the noise from disk to a pipe. The...

1 week ago
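The PID-namespace problem the reply above agrees with (the kernel's `type=SECCOMP` audit record carries the host PID, which means nothing inside the container) can be resolved at enrichment time rather than by filtering the stream. The following is an added example, not the post's code: it parses SECCOMP audit records, decodes the seccomp action from the `code` field, and maps the host PID to the container-local PID via the `NSpid:` line of `/proc/<pid>/status`. It assumes the kernel's `audit_seccomp()` field layout; the sample record is constructed, not captured, and the `proc` parameter is a hypothetical knob so tests can point at a constructed tree. Note that this lookup only works for a non-killing action such as `SECCOMP_RET_LOG` (`code=0x7ffc0000`): with a `kill_*` action the process is usually gone before `/proc` can be read, which is the reason to log rather than kill in the first place.

```python
"""Parse kernel audit SECCOMP records and map the host PID they carry back
to the PID inside the container's pid namespace, via NSpid: in
/proc/<pid>/status.

Added example, not the post's code. Field layout follows the kernel's
audit_seccomp() record; `proc` is a hypothetical parameter so tests can
point at a constructed tree. SAMPLE below is constructed, not captured.
"""
import os
import re

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

# The seccomp return action lives in the top 16 bits of the `code` field.
SECCOMP_RET_ACTION_FULL = 0xFFFF0000
ACTIONS = {
    0x80000000: "kill_process",
    0x00000000: "kill_thread",
    0x00030000: "trap",
    0x00050000: "errno",
    0x7FF00000: "trace",
    0x7FFC0000: "log",    # SECCOMP_RET_LOG: audited, syscall still executes
    0x7FFF0000: "allow",
}


def parse_seccomp_record(line):
    """Return the interesting fields of one type=SECCOMP audit record, else None."""
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
    if fields.get("type") != "SECCOMP":
        return None
    if "code" in fields:
        code = int(fields["code"], 16)
        action = ACTIONS.get(code & SECCOMP_RET_ACTION_FULL, hex(code))
    else:
        action = "unknown"  # older kernels did not emit `code`
    return {
        "host_pid": int(fields["pid"]),
        "comm": fields.get("comm"),
        "arch": fields.get("arch"),
        "syscall": int(fields["syscall"]),
        "action": action,
    }


def nspid_chain(host_pid, proc="/proc"):
    """[host pid, pid in child ns, ...] from NSpid:, or None if the process is gone."""
    try:
        with open(os.path.join(proc, str(host_pid), "status")) as status:
            for line in status:
                if line.startswith("NSpid:"):
                    return [int(p) for p in line.split()[1:]]
    except OSError:
        return None
    return None


def enrich(records, proc="/proc"):
    """Attach the innermost-namespace pid to each SECCOMP record.

    Only a non-killing action (log/errno/trace/trap) leaves the process
    alive long enough for the /proc lookup; for kill_* expect ns_pid=None.
    """
    out = []
    for line in records:
        rec = parse_seccomp_record(line)
        if rec is None:
            continue
        chain = nspid_chain(rec["host_pid"], proc)
        rec["ns_pid"] = chain[-1] if chain else None
        rec["nested_depth"] = len(chain) - 1 if chain else None
        out.append(rec)
    return out


SAMPLE = [  # constructed records, not captured from a real host
    'type=SECCOMP msg=audit(1700000000.123:456): auid=4294967295 uid=0 gid=0 '
    'ses=4294967295 pid=12345 comm="python3" exe="/usr/bin/python3.11" sig=0 '
    'arch=c000003e syscall=41 compat=0 ip=0x7f0c6e2e3a7b code=0x7ffc0000',
    'type=SYSCALL msg=audit(1700000000.124:457): arch=c000003e syscall=59 success=yes',
]

if __name__ == "__main__":
    for rec in enrich(SAMPLE):
        print(rec)
```

Feed it the output of `ausearch -m SECCOMP --raw` or a tail of `/var/log/audit/audit.log` line by line; `nested_depth` tells you how many pid namespaces deep the process sits, and `syscall` is still an arch-specific number (41 is `socket` on x86_64), so resolve it with the `arch` field rather than a fixed table.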